Report: New hack lets an attacker bypass password-locked Android home screens

You can protect yourself with a PIN or pattern unlock, but it's another example of why all manufacturers need to get on board with monthly updates.

If no one has been able to convince you to take your device’s security seriously, perhaps this hack will do it.

A video uncovered by Ars Technica shows someone able to use the emergency call access to gain entry to a locked phone, even though it’s protected with a password.

The individual in the video types a large string of characters into the call window and copies them to the device’s clipboard. The hacker is then able to open the camera from the locked device, access the options menu, and paste several characters into the password prompt. The phone then unlocks. 

The vulnerability was introduced in Android 5.0 and was fixed in the LMY48M Android 5.1.1 build released to Nexus devices (you can always grab it yourself from the Nexus Factory Images page.) However, the vast majority of Android handsets aren’t of the Nexus variety, which means you’re vulnerable to this hack until your device is updates. Fortunately, the attack only works if you use a password to unlock your device; you can use a PIN or pattern unlock to protect yourself. If you use a fingerprint unlock, you would need to have a PIN or pattern as the backup to fully stay secure.

Why this matters: It hasn’t been a great year for Android security, as this minor hack comes after the big scare of Stagefright. It demonstrates that Google and device manufacturers all need to step up their game so everyone can enjoy better security and not worry about a new hack every week.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags smartphones

More about Google

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Derek Walter

Latest Videos

More videos

Blog Posts