Home > Personal Technology > Android > Researchers discover major VPN vulnerability in Android 4.3

Researchers discover major VPN vulnerability in Android 4.3

Security researchers from Ben Gurion University have discovered a major exploit in Android 4.3 that can be used by malicious applications to bypass a VPN connection, and reroute the traffic to another network address as plain, readable text.


The Cyber Security Labs at Ben Gurion University have found and extensively tested a major security flaw in the Android operating system. Using a simple exploit, the vulnerability can allow malicious applications to bypass a VPN (Virtual Private Network) connection initiated by the user, and reroute the traffic to a different address.

The information can then be picked up by a packet sniffer as a completely unencrypted, plain text payload.

The researchers previewed the vulnerability in a YouTube video, clearly demonstrating the compromised plain contents of an email sent over a VPN on a Samsung Galaxy S4 running Android 4.3

[youtube id=”9JCmI0vbVik” width=”620″ height=”360″]

VPNs are often used in corporate and academic environments as a safe way to access private networks across the Internet. Therefore, by their nature, the information sent to and from VPNs can tend to be highly sensitive and confidential, and is encrypted along the way.

Gurion’s report notes that the computer sniffing out data was connected to the same network as the infected phone. However, the VPN was configured correctly, and traffic should not have been going to the machine at all, nor should it have been readable as plain text in any case.

Gurion also notes, however, that while TLS/SSL traffic can be intercepted through this method, it remains encrypted and cannot be read. Therefore, secure socks connections such as HTTPS do not seem to be compromised by this exploit.

The researchers submitted information to Google on the seventeenth of January, and have not, as of yet, received a response.

The vulnerability was tested on multiple Android devices from different vendors, eliminating the possibility that the exploit is limited to a single device or manufacturer. The researchers have not yet verified whether the exploit works on Android Kitkat 4.4, though they are continuing to investigate it.

Source: Cyber Security Labs at Ben Gurion University

Brandon Shutt
Brandon is an A+ certified technician and freelance writer living in East Tennessee. He loves God, writing, science (especially technology) and philosophy. He is currently preparing to enter the field of information security.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Read previous post:
New screenshots for ‘The Division’ showcase crystal-clear next-gen visuals

Three new screenshots for Ubisoft's upcoming post-apocalytpic online-multiplayer hybrid highlight the game's impressive next-gen visuals.