Malicious power chargers too!

The internet of things hates you.

Google has shut down a "high-severity" exploit in its Nexus 6 and 6P phones which gave attackers with USB access the opportunity to take over the onboard modem during boot-up—allowing them to listen in on phonecalls, or intercept mobile data packets.

The vulnerability was part of a cluster of security holes found by security researchers at IBM's X-Force all related to a flaw—tagged CVE-2016-8467—in the phones' bootmode, which uses malware-infected PCs and malicious power chargers to access hidden USB interfaces. Patches were rolled out before the vulnerabilities were made public, in November for the Nexus 6, and January for the 6P.

The exploit also allowed access to find the phone's "exact GPS coordinates with detailed satellite information, place phone calls, steal call information, and access or change nonvolatile items or the EFS partition."

It was complex to activate, requiring the victim to have Android Debug Bridge (ADB) enabled on their devices—a debugging mode used by developers to load APKs onto Android phones—and to have manually authorised ADB connectivity with the infected PC or charger. However, according to the researchers, there were significant workarounds.

More: http://arstechnica.com/security/2017/01/google-plugs-severe-android-bootmode-vulnerability/