As it turns out, hackers can use the camera on your Android phone to spy on you. And you will probably never realize it is happening. This has been discovered by security firm Checkmarx, who say that this vulnerability would allow allow a hacker to take control of the camera in your Android phone, as well as take photos and record videos, through an app installed on the phone. Of course, no consent or permission shall be sought. The researchers believe that vulnerabilities in the camera apps across the Android ecosystem, are to be blamed. The Google Camera app on Google’s own Pixel phones as well as the Camera app on Samsung’s Galaxy range of smartphones are particularly vulnerable, they believe.
“Our team began researching the Google Camera app , ultimately finding multiple concerning vulnerabilities stemming from permission bypass issues. After further digging, we also found that these same vulnerabilities impact the camera apps of other smartphone vendors in the Android ecosystem – namely Samsung – presenting significant implications to hundreds-of-millions of smartphone users,” says Checkmarx.
The researchers say that a hacker could even access the photos and videos stored in the phone, and can snoop around even if the camera app is closed. Hackers were also able to access the phone's proximity sensor, which altered them whevener the phone was being held close by the user. Google has responded saying they were informed by Checkmarx and have since released the patch for this and also shared the same with all other Android phone makers. "“We appreciate Checkmarx bringing this to our attention and working with Google and Android partners to coordinate disclosure. The issue was addressed on impacted Google devices via a Play Store update to the Google Camera Application in July 2019. A patch has also been made available to all partners," they say.