What a Heartbleed Attack on an Android Phone Looks Like

Source: Lacoon Mobile Security via YouTube

A proof-of-concept exploitation of Android 4.1.1 mobile browser using the Heartbleed exploit, published on April 27, 2014. Close

A proof-of-concept exploitation of Android 4.1.1 mobile browser using the Heartbleed... Read More

Close
Open
Source: Lacoon Mobile Security via YouTube

A proof-of-concept exploitation of Android 4.1.1 mobile browser using the Heartbleed exploit, published on April 27, 2014.

It's still an open wound.

Three weeks after most of the Web protected its computers from the Heartbleed Internet bug, there are lingering threats. Many smartphones running an older version of Google's Android software may still be vulnerable to hacking attacks.

As we've reported, millions of devices globally using Android version 4.1.1, which was released in 2012, carry the Heartbleed flaw. And while Google has "applied patches to key Google services," according to the company, individual wireless carriers and handset makers still need to push out the fix.

That can be a "really long process," said Michael Shaulov, chief executive officer and co-founder of Lacoon Mobile Security. So to create an even greater sense of urgency, his company produced a video showing what an attack against the devices would look like.

Shaulov said the point is to show the ease with which vulnerable devices can be exploited and refute suggestions that attacks would be impractical. The video shows pages of data pulled from a target phone's memory spilling onto the screen, exposing passwords and other sensitive information -- precisely what the "bleed" in Heartbleed refers to.

Related: The Branding of a Bug: How Heartbleed Became a Household Name

Press spacebar to pause and continue. Press esc to stop.

Bloomberg reserves the right to remove comments but is under no obligation to do so, or to explain individual moderation decisions.

Please enable JavaScript to view the comments powered by Disqus.