03 March,2014 09:52 AM IST | | Agencies
A 'critical flaw' has been detected in the virtual private network (VPN) offered by Android operating systems in the Indian cyberspace, which has lead to speculations about ‘hijack’ of personal data of those using Android smartphones
Android
New Delhi: A âcritical flaw' has been detected in the virtual private network (VPN) offered by Android operating systems in the Indian cyberspace, which has lead to speculations about âhijack' of personal data of those using Android smartphones.
The suspicious activity has been noticed in two Android versions - 4.3 known as Jelly Bean and the latest 4.4 called KitKat.
Warnings have been issued to Android phone users by the internet security sleuths to guard against the spread of this virus, which affects computer systems and mobile phones.
"The flaw has been reported in VPN implementation, affecting Android versions 4.3 and 4.4. This can allow attackers to bypass active VPN configuration to redirect secure VPN communications to a third party server or disclose or hijack unencrypted communications," claimed the Computer Emergency Response Team of India (CERT-In) in the latest advisory it issued.
The CERT-In is the nodal agency that combats hacking, phishing, and fortifies security-related defences of the Indian Internet domain. The agency said the current malicious application is capable of diverting the VPN traffic to a âdifferent network address' and exploitation of this issue âcould allow attackers to capture entire communication originating from affected device'.
The lethality of the virus to disrupt a system is speculated to be large.
>> The malicious application is capable of diverting the VPN traffic to a âdifferent network address'
>> CERT-In is the nodal agency that combats hacking, phishing
