Alleged hacking cases have become popular for some years using malicious images and, although many are just rumors, there are cases that outweigh fiction. Experts from a pentesting training course mention that a simple image could be wreaking havoc among mobile users with Android operating system, forcing constant flaws and even total collapses.
According to a Twitter user, known as Ice Universe, if this image is set as wallpaper, the devices will start to turn on and off constantly. At the beginning of this cycle, there is no method to stop it, even if the device is rebooted.
“WARNING – Never set this image as wallpaper, especially for Samsung mobile phone users! It will cause your phone to crash! Don’t try it! If someone sends you this photo, please ignore it,” the user says in a tweet, attaching the image in question, which shows a quiet sunset on a lake.
According to the pentesting training course experts, the only way to stop this restart cycle is to reset the device to its factory settings, which could result in permanent loss of valuable information for the affected device owner. The user who revealed this finding notes that smartphones from manufacturers such as Huawei and OnePlus are not affected by this attack; on the other hand, Samsung Galaxy devices appear to be highly vulnerable.
It is not yet clear why the image causes this condition, although the user theorizes that this could be related to the configuration of the colors in the image and its relationship with the Skia graphics engine, present in the Android system; in other words, the metadata contained in the image could be causing these flaws.
Experts from the pentesting training course mention that, when the image was loaded on Weibo, its colors were slightly modified, which apparently prevents the restart cycle from occurring. Android phones use the sRGB color space, but the image uses RGB color space, whose support for Android 10 is limited. On Android 11, the color space becomes sRGB, so devices with this version of the OS (such as the Pixel 4 XL) are not affected.
So far, the origin of the image remains unknown. The International Institute of Cyber Security (IICS) suggests that users of any android mobile device avoid downloading such an image or interacting with any website, tweet or banner that contains it. It should be remembered that, if your phone has already been affected, you will surely have to perform a factory reset.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
