Click to Skip Ad
Closing in...

Even the most secure Android phone ever had a critical security bug

Published Jan 28th, 2015 7:45AM EST
BlackPhone Encryption Security Bug

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Marketed as the most secure Android handset available, the BlackPhone wasn’t completely safe from hackers’ attacks, as a recently discovered — and fixed — vulnerability in the phone’s instant messaging application could give them access to encrypted personal data such as messages, contacts and potential control over other “vital functions” of the handset, Ars Technica reports.

FROM EARLIER: The most secure Android handset is soon getting a special privacy-focused app marketplace

The security issue was thoroughly detailed by Azimuth Security, with the company saying that an attacker would only need a Silent Circle ID or phone number to take advantage of the bug. The vulnerability has been fixed by Silent Circle engineers after the company privately alerted them on the matter.

Hackers could have triggered the bug by simply sending a special message, at which point they would have been able to continue the attack in order to obtain access to more sensitive data. Once inside, a hacker could have decrypted messages, read contacts, access location information and even write code or text on the phone’s external storage — exactly the kind of things BlackPhone makers would want to avoid.

Even though this security issue seems to indicate that not even the Android phone designed with privacy and security in mind isn’t completely safe from attackers, it’s not clear whether the bug has actually been exploited by hackers.

A thorough explanation of what could have happened in such BlackPhone attacks is available at the source link.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.