Android vulnerability allows interception of VPN data, researchers claim


Security researchers over at the Ben Gurion University (BGU), Israel claim to have discovered a vulnerability in Android that allows for interception of encrypted data travelling over a VPN in plain text.

“As part of our ongoing mobile security research we have uncovered a network vulnerability on Android devices which has serious implications for users using VPN”, notes BGU CTO Dudu Mimran.

“This vulnerability enables malicious apps to bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address”, Mimran added.

The researchers claim that the vulnerability, if exploited, allows for capture of data in clear text thereby leaving the information completely exposed. The researchers claim that they have tested multiple smartphones from different vendors before posting their claims. They have reported the vulnerability to Google and are awaiting the Android maker’s verdict on this.

Security researchers from the same university reported a few weeks ago of a vulnerability in Samsung Knox security suite that allowed interception of encrypted data. At the time Samsung ruled out presence of vulnerability in its security solution and revealed that the exploit doesn’t target a vulnerability, but users legitimate Android network functions in an illegitimate way.

You can check out the video POC and the steps they followed to demonstrate the existence of the vulnerability.