The researcher who discovered the exploit is Guang Gong, and PacSec will be rewarding Guang for uncovering and releasing the exploit by flying him to the CanSecWest security conference for a ski trip in March of 2016. In addition to this, Google will also likely pay a bounty for the bug’s discovery, as a Google security representative at the event took Guang’s work back for consideration.
The vulnerability took the researcher three months of development to fully flesh out, but when he demonstrated it, the method proved scarily smooth and efficient. A Nexus 6, after visiting an unremarkable web address laced with the malicious script, was able to be taken over entirely by Guang, who used this access to download a BMX bike game on the device.
Pretty spooky stuff, all in all.
What are your thoughts on this compromise? Let us know in the comments below.