Recently, iOS users with Facebook installed had a bit of a privacy and security scare when it was discovered that due to a bug in the app, it would launch the phone’s camera in the background while the app was being used. The issue has since been patched, but now it looks like it’s Android’s turn to suffer from a similar vulnerability.
However, in this instance it has nothing to do with Facebook, but rather it is an issue with Android in which according to security firm Checkmarx, they have discovered a security flaw that allows apps to potentially use the user’s camera and microphone to secretly make recordings without the user’s knowledge.
In Android, whenever apps are installed, it asks for permissions to access certain parts of your phone. However, in this case, instead of asking the user for permission to access the camera and microphone, the flaw allows the app to simply ask for permission to access a device’s storage and it could still activate the camera and microphone nonetheless.
The good news is that Google has since addressed the issue, but they note that this is for Google devices. Checkmarx notes that this flaw affects non-Google devices too so while Pixel phones could already be patched, other brands could still potentially be vulnerable.