Heartbleed: 50m Android phones may be affected, report shows
Data assessing smartphones in the US revealed that tens of millions of phones are at risk of being harvested
Around fifty million Android smartphone users could be exploited by a version of the so-called Heartbleed security glitch, it has been reported.
Devices running Android 4.1.1, a version of its Jelly Bean software released in 2012, are at risk, according to an announcement made by Google.
The number of users that could be affected, calculated by the analytics company Chitika and revealed to the Guardian, is a reasonably significant decrease in previous estimates which suggested hundreds of millions of mobiles could have been affected by Heartbleed.
Phones affected by the security flaw could see their browsers harvested for data including login information.
The firm came to the figure by analysing US network traffic between 7 April and 13 April, and compared it to Comscore data suggesting there are 85 million Android smartphones in the US.
“Android 4.1.1 users generated 19 per cent of total North American Android 4.1 Web traffic, with users of version 4.1.2 generating an 81 per cent share. Web traffic from devices running Android 4.1.0 made up less than 0.1 per cent of the Android 4.1 total observed, so we did not include for the purposes of clarity,” Andrew Waber, a Chitika representative, told the Guardian.
Read more: Bug has revealed major flaw in online security
Am I at risk? Do I need to change my password?
Coder responsible for Heartbleed says it can be 'explained easily'
Heartbleed bug hackers break into Mumsnet
Google has disclosed that “less than 10 per cent” of its activated devices are vulnerable, but did not reveal a specific figure, the newspaper reported.
According to security firm Lookout, which provides software allowing Android users to check if they are vulnerable, 80 per cent of their customers running Android 4.1.1 have been affected, principal security researcher at the San Francisco-based company, told Bloomberg.
However, Rogers told Bloomberg that it appears that hackers have not yet tried to attack Android devices using Heartbleed.
“Given that the server attack affects such a larger number of devices and is so much easier to carry out, we don't expect to see any attacks against devices until after the server attacks have been completely exhausted,” he said.
Since Heartbleed was disclosed as a threat in April, only Android devices have been recognised as vulnerable. Apple does not use the vulnerable version of OpenSSL, which is the gateway for Heartbleed, on the iPhone or iPad, while Microsoft said that neither Windows Phone nor Windows is affected.
Harry Potter actor suffered 'severe flu-like symptoms' on a flight from London to Orlando
First full-length look is finally here
Rap music mogul accused of running two men over in his truck
World cities ranked in terms of safety, food security and 'liveability'
"Oink! Oink! Hee hee hee!" First interview with the big-screen star
Biohacking group hopes technology will lead people to think about even more dystopian uses
Life & Style blogs
Snapchat removed the Best Friends list feature and 'stalkers' are upset
Baldness could soon be treated using stem cells, scientists hope
A bottle of wine a day is not bad for you and abstaining is worse than drinking, scientist claims
Eight-year-old girl Camilla Lisant suggests possible cancer treatment to her scientist father over the dinner table
Lack of medically trained staff leaves NHS 111 phone service struggling to cope, insider claims
9 reasons Greece's experiment with the radical left is doomed to failure
'We would evict Queen from Buckingham Palace and allocate her council house,' say Greens
Have we reached 'peak food'? Shortages loom as global production rates slow
Greece elections: Syriza and EU on collision course after election win for left-wing party
British grandmother Lindsay Sandiford faces execution by firing squad in Indonesia
Liberal Democrat minister defends comments suggesting immigration causes pub closures
- 1 Saudi preacher who 'raped and tortured' his five -year-old daughter to death is released after paying 'blood money'
- 2 The awkward moment Sarah Palin raised $25,000 for Hillary Clinton's election campaign
- 3 Ball pool for adults opens in London
- 4 Amal Clooney gives excellent response to fashion question at European Court of Human Rights
- 5 Baldness could soon be treated using stem cells, scientists hope
iJobs Gadgets & Tech
£25000 - £35000 per annum: Recruitment Genius: A skilled .NET developer with e...
£25000 - £30000 per annum: Recruitment Genius: This IT support company are cur...
£35000 - £43000 per annum + Benefits: Ashdown Group: Senior IT Support Analyst...
£60000 - £70000 per annum + benefits: Ashdown Group: An excellent opportunity ...