We use cookies on our websites. Information about cookies and how you can object to the use of cookies at any time or end their use can be found in our privacy policy.

How to protect your Android from the Heartbleed bug

How to protect your Android from the Heartbleed bug

Heartbleed is one of the biggest security breaches the internet has ever known. Here’s how to protect your Android smartphone against this OpenSSL bug which leaves your phone vulnerable to virus attacks.

android heartbleed
© AndroidPIT

What is Heartbleed

Hearbleed is a flaw in the OpenSLL software ‘’Heartbeat’’ function which is what’s behind secure internet connections. It is this function that is buggy, allowing attackers to manipulate it and cause some serious damage to the affected systems. The Heartbleed vulnerability impacts any infrastructure that has the affected version of OpenSSL.

So who is affected?

According to Symantec, the majority of main browsers do not use this OpenSLL software. But on Android, it’s the complete opposite. Your Android is at risk, which means that private info stored on it is as well. You can use the Symantec SSL Tool check to see if a website is vulnerable to the Heartbleed bug.

Heartbleed on Android

Generally speaking, if you are on a vulnerable website and a new identical tab opens when you have entered your identifiers, stop right there and close out right away. Another method that hackers often use is to inject a code into a vulnerable Android navigator, which allows the instigator to fish out sensitive information that is stored in the phone’s memory.

How to protect your Android against Heartbleed

Lookout, a developing group that you might already know thanks to their antivirus app, have developed a new app called Heartbleed Security Scanner that will help you see whether your phone is vulnerable or not: the application however does NOT protect you, which means you will have to wait until Google or your manufacturer releases an update.

© AndroidPIT

Tips to protect your data

  • Change your password regularly
  • Avoid using the same passwords on various websites
  • If you detect a vulnerable site using the Symantec SSL toolbox, wait before changing your password.
  • If your Android is vulnerable, be cautious and make sure you update your phone.

The real problem with Heartbleed is that the bug has already existed for over two years, and that your passwords are potentially exposed, yet another reason why you should change them regularly.

Is your Android device vulnerable to the Heartbleed bug?
View results

Source: Ars Technica

Recommended articles

No comments

Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing