Security flaw exposed in Viber app [Updated]
Update April 28: The Viber team contacted us, stating that the vulnerability has been fixed. If you want the patched version of the app, you can download it from here.
Viber, a popular VoIP app for Android, has run into a bit of a problem. It seems that, with a little work, full access to your device can be had via the app. The video below demonstrates it in detail, but it’s not something to dismiss.
Through a few sent messages and subsequent action, the app allows the person with your device to access it completely. All the pics, info, contacts and files will be available… just as if it were you. The flaw is within the app, so which device you have means nothing in this scenario.
Is it panic time? Not really. If anything, think of it as a lesson learned. Always check your app’s permissions, and change those in the settings if possible. This one, for instance, has to do with the lock screen, which is a permission you’ll have to allow to load the app… and cannot be changed.
It’s rare that an app has this type of flaw, but it happens. The important thing is to identify and rectify the problem, which is being done. The makers of Viber are working on a fix, and say they’ll have a solution in a week or so. Until then, keep an eye on your device.