LG keyboard/handwriting remote vulnerability getting exploited/patched

It appears the default LG keyboard and handwriting apps had problems that allowed a hacker hanging out in a coffee shop (or just their $30 Raspberry Pi) to play man in the middle and drop their code onto your phone, thanks to LG’s messed-up updating logic.

LG was using HTTP and not HTTPS for updates. That could potentially invite someone to play man in the middle and load code into the apps as an update to run with privileges later on.
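The check an update client needs before it accepts a payload, as an added example (not LG's or Check Point's code). It goes one step past the HTTP/HTTPS point above by also verifying a vendor signature; the `Update` type, `CheckUpdate`, the Ed25519 scheme and the `updates.example` URLs are assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"net/url"
)

// Update is a hypothetical descriptor: source URL, payload, detached signature.
type Update struct {
	SourceURL string
	Payload   []byte
	Signature []byte
}

var ErrCleartext = errors.New("update source is not HTTPS")
var ErrBadSig = errors.New("update signature does not verify")

// CheckUpdate returns nil only if the update was fetched over HTTPS and the
// payload is signed by the vendor key shipped inside the app (vendorKey).
func CheckUpdate(u Update, vendorKey ed25519.PublicKey) error {
	parsed, err := url.Parse(u.SourceURL)
	if err != nil || parsed.Scheme != "https" || parsed.Host == "" {
		return ErrCleartext
	}
	if !ed25519.Verify(vendorKey, u.Payload, u.Signature) {
		return ErrBadSig
	}
	return nil
}

// Demo runs CheckUpdate over constructed sample updates (throwaway key pair).
func Demo() map[string]error {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	good := []byte("constructed language pack v2")
	sig := ed25519.Sign(priv, good)
	return map[string]error{
		"https+signed":   CheckUpdate(Update{"https://updates.example/pack.bin", good, sig}, pub),
		"http+signed":    CheckUpdate(Update{"http://updates.example/pack.bin", good, sig}, pub),
		"https+tampered": CheckUpdate(Update{"https://updates.example/pack.bin", []byte("swapped payload"), sig}, pub),
	}
}

func main() {
	for name, err := range Demo() {
		fmt.Printf("%-15s -> %v\n", name, err)
	}
}
```

The signature check is what still holds if the transport protection fails, since a payload swapped in transit no longer matches the vendor's signature.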

While a long shot, with 20% of the Android population sporting LG phones, that’s at least a couple thousand people getting their phones infected without much trouble.

LG’s rolling out a security update in their May patches, so make sure to grab them if you’re able.

Check Point has a very good technical writeup of how the vulnerability presents and how it’s exploited.

Users of LG phones can go to Settings / Update or, if there’s no update available, just stay off WiFi they don’t trust.

Alternately, you can spend some money on a VPN so nobody can execute a man-in-the-middle attack. I’d just suggest updating the phone and, until then, staying off of WiFi you don’t trust.


Paul E King

Paul King started with GoodAndEVO in 2011, which merged with Pocketables, and as of 2018 he's evidently the owner. He lives in Nashville, works at a film production company, is married with two kids.