Viber is a very popular messaging and VoIP app. On Android, it is especially popular, but unfortunately, there is a major flaw in the app that puts millions of smartphone users at risk as it grants full access to an Android smartphone. The exploit was first discovered by security company Bkav. Also Read - WhatsApp alternatives: 3 secure messaging apps you can try
According to the analysis, all a ‘would be’ hacker needs are two Android smartphones, both running Viber and a phone number. Also Read - COAI advocates 'level-playing field' regulations for WhatsApp, Skype, Viber like OTT players
The first step is to send a Viber message to the victim. Then the hacker has to combine actions on Viber message popups with tricks like using the victims notification bar and sending more Viber messages. The idea is to make the virtual keyboard appear. Once the keyboard makes an appearance one only needs to send a missed call to the victim and press the back button. Also Read - TRAI asks if WhatsApp, Skype, Viber, and Hike should be regulated by the government
According to the report, this technique has been successfully tested using the HTC Sensation XE, Google Nexus 4, Samsung Galaxy S II and the Sony Xperia Z. All these devices are very popular in particular the Galaxy S II and the Google Nexus 4, which means this could be a big issue if the exploit is not plugged quickly.
Update : Viber has reached out to us and it claims that the lockscreen issue has been resolved.