Researchers uncover unknown Android flaws used to hack into a student’s phone

Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On Friday, Amnesty International published a report detailing a chain of three zero-day vulnerabilities developed by phone-unlocking company Cellebrite, which its researchers found after investigating the hack of a student protester’s phone in Serbia. The flaws were found in the core Linux USB kernel, meaning “the vulnerability is not limited to a particular device or vendor and could impact over a billion Android devices,” according to the report. Zero-days are bugs in products that when found are unknown to the software or hardware makers. Zero-days allow criminal and government hackers to break into systems in a way that’s more effective because there is no patch that fixes them yet. In this case, Amnesty said that it first found traces of one of the flaws in a case in mid-2024. Then, last year, after investigating the hack of a student ... Read full article.