Hackers targeting Google Pixel with a zero-day exploit

Oh, the world of device and computer security never stops turning. Pay attention, kiddies, because there is job security in working in computer and device security. There’s not a week, or day for that matter, that doesn’t go by where a new security issue is being reported. This time, it’s the Google Pixel smartphone that is the target of hackers. Tomorrow it could be the iPhone or some other piece of software. Here’s what’s going on with the Google Pixel zero-day exploit.

According to security researchers at GrapheneOS, a company that makes a more secure version of Android, hackers have been exploiting zero-day vulnerabilities to attack Google Pixel smartphones. Google has issued an advisory concerning newly discovered bugs that are being used for targeted attacks. “There are indications that the following may be under limited, targeted exploitation,” the advisory says.

According to PCMag, It doesn’t look like traditional cybercriminals or cyber spies have abused the vulnerabilities to attack the phones remotely. Google is crediting the zero-days discovery to Daniel Micay, a cybersecurity researcher and founder of GrapheneOS, an Android-based operating system focused on security. According to GrapheneOS, “forensic companies” have been exploiting the two vulnerabilities to retrieve data from Pixel phones.

Google Pixel

The rear camera bump on the Google Pixel 7a Android smartphone.
  • The first vulnerability, CVE-2024-29745, involves the Pixel line’s bootloader, which loads the operating system into the phone’s memory.
  • The second vulnerability, CVE-2024-29748, can allow an attacker “to interrupt a factory reset triggered by a device admin app.”

Google plans on rolling out security patches for Google Pixel smartphones soon, so be sure to check your updates for that. If you want to dive a little deeper into the vulnerabilities, PCMag goes a bit more in depth about them in their article, so be sure to visit them.