According to the researchers at security firm Check Point, "Hundreds of millions of Android smartphones may be at risk from a security flaw that allows hackers to hijack a handset without a victim's knowledge. Devices made by Samsung, HTC, LG and ZTE, including those running the latest version of Android, are potentially vulnerable. Check point has dubbed the flaw "Certifi-gate."
The company said that software installed on smartphones by the manufacturers, which cannot be disabled by users, could be exploited by malicious apps, giving them privileged access to the device.
This means hackers could steal contact information and other personal data, track a user's location, and remotely activate the smartphone's microphone without the user's knowledge. Gabi Reish, Check Point's vice president of product management stated that "it would make it a remote spying device."
Separately, both Google and Samsung said on Thursday that they would release regular security updates for Android phones after hundreds of millions were found to be susceptible to hackers, simply by receiving a message.
A Google spokesperson said: "We want to thank the researcher for identifying the issue and flagging it for us. The issue they've detailed pertains to customizations original equipment manufacturers make to Android devices and they are providing updates which resolve the issue. Nexus devices are not affected and we haven't seen attempts to exploit this."
To download Check Point's special report, click here.