With hackers looking at sophisticated means to hack Android phones for harvesting personal data, Google has now got an alert of a new type of bug that may help hackers.
The next time you receive a simple photo of pets or some memes from someone and if the file format happens to be .PNG, then it could critically affect your phone.
No, we are not saying that all .PNG images are unsafe, but there is a way for hackers to create a malicious .PNG image to exploit a bug in Android versions 7.0 to 9.0.
Google has alerted users of this bug in the latest February Android security patch and it is a critical vulnerability on the framework. If it is exploited, hackers can get remote access to execute malicious code to take control of the host device.
Interestingly, images can be used to even track a phone’s location through WhatsApp. In this case, you will receive a WhatsApp message (or SMS) from an unknown sender and it will ask you to click on a link that comes with the photos for more content. Once you click on the link, it will actually just show you more ‘funny’ content. The entire drill is harmless till now. And in most case you will also delete the image after looking at it. But what you will not realise is the fact that by clicking on the lick you have given away your exact location, taken from your phone. And this information can then be used to stalk you.
The stalker actually uses this type of ways to track you by creating a masked link which otherwise looks like a Google link but actually sends information to a IP logger server.
So, before clicking on any photos or links from random people, it is highly advisable that users keep these things in mind as well.