{"id":143340,"date":"2024-08-16T11:22:47","date_gmt":"2024-08-16T09:22:47","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/es\/?p=338633"},"modified":"2025-06-12T10:44:40","modified_gmt":"2025-06-12T09:44:40","slug":"des-millions-de-telephones-google-pixel-pourraient-etre-vulnerables-a-une-cyberattaque-fatale","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/fr\/des-millions-de-telephones-google-pixel-pourraient-etre-vulnerables-a-une-cyberattaque-fatale\/","title":{"rendered":"Des millions de t\u00e9l\u00e9phones Google Pixel pourraient \u00eatre vuln\u00e9rables \u00e0 une cyberattaque fatale"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">L&#8217;entreprise de cybers\u00e9curit\u00e9 iVerify a r\u00e9cemment d\u00e9couvert une grave vuln\u00e9rabilit\u00e9 qui affecte des millions de smartphones Pixel dans le monde et a publi\u00e9 ses conclusions dans un nouveau rapport.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/iverify.io\/blog\/iverify-discovers-android-vulnerability-impacting-millions-of-pixel-devices-around-the-world\" target=\"_blank\" rel=\"noopener nofollow\" title=\"\">Selon le document<\/a>, le logiciel d\u00e9fectueux en question s&#8217;appelle Showcase.apk. Il a \u00e9t\u00e9 initialement d\u00e9velopp\u00e9 par l&#8217;entreprise Smith Micro Software pour <a href=\"https:\/\/www.washingtonpost.com\/technology\/2024\/08\/15\/google-sold-android-phones-with-hidden-insecure-feature-companies-find\/\" target=\"_blank\" rel=\"noopener nofollow\" title=\"\">les appareils de d\u00e9monstration dans les magasins Verizon<\/a>.<\/p>\n\n\n<div class=\"sc-card-affiliation\">\r\n  <div class=\"sc-card-affiliation__content\">\r\n    <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" class=\"sc-card-affiliation__badge\" target=\"_blank\" rel=\"noopener noreferrer\">-16 %<\/a>\r\n    <div class=\"sc-card-affiliation__image\">\r\n      <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" target=\"_blank\" rel=\"noopener noreferrer\">\r\n                <img decoding=\"async\" src=\"https:\/\/m.media-amazon.com\/images\/I\/71JTIdBUvYL._AC_SL1500_.jpg\">\r\n            <\/a>\r\n    <\/div>\r\n\r\n    <div class=\"sc-card-affiliation__body\">\r\n      <div class=\"sc-card-affiliation__text\">\r\n        <h3>\r\n                    <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" target=\"_blank\" rel=\"noopener noreferrer\">Google Pixel 8a<\/a>\r\n                <\/h3>\r\n        <p class=\"sc-card-affiliation__supplier\">\r\n          De: <strong>Amazon<\/strong>\r\n        <\/p>\r\n        <p class=\"sc-card-affiliation__price\">\r\n          459 \u20ac <strike>549 \u20ac<\/strike>\r\n        <\/p>\r\n      <\/div>\r\n      <div class=\"sc-card-affiliation__cta\">\r\n        <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" target=\"_blank\" class=\"sc-card-affiliation__button\" rel=\"noopener noreferrer\">Voir sur Amazon<\/a>\r\n      <\/div>\r\n    <\/div>\r\n  <\/div>\r\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Gr\u00e2ce \u00e0 ce logiciel, les vendeurs ont un acc\u00e8s complet aux nombreuses fonctionnalit\u00e9s d&#8217;un t\u00e9l\u00e9phone Pixel afin de \u00ab\u00a0montrer comment elles fonctionnent\u00a0\u00bb aux clients int\u00e9ress\u00e9s par le mod\u00e8le pr\u00e9sent\u00e9.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Normalement, Showcase est inactif et ne fait rien. <strong>Cependant, il est possible qu&#8217;un pirate l&#8217;active via une porte d\u00e9rob\u00e9e.<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\"><p lang=\"en\" dir=\"ltr\">Google Pixel phones sold with security vulnerability, report finds <a href=\"https:\/\/t.co\/mKfyEeKrF2\">https:\/\/t.co\/mKfyEeKrF2<\/a><\/p>&mdash; The Verge (@verge) <a href=\"https:\/\/twitter.com\/verge\/status\/1824133002768646617?ref_src=twsrc%5Etfw\">August 15, 2024<\/a><\/blockquote><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Ce que cette APK peut faire sur les t\u00e9l\u00e9phones Google<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>L&#8217;APK (Android Package Kit) r\u00e9cup\u00e8re son fichier de configuration \u00e0 partir d&#8217;un domaine non s\u00e9curis\u00e9 sur Amazon Web Services.<\/strong> En th\u00e9orie, un acteur malveillant pourrait intercepter ces connexions ou usurper l&#8217;identit\u00e9 du site web et injecter des logiciels malveillants ou des logiciels espions dans un t\u00e9l\u00e9phone Pixel. De plus, \u00e9tant donn\u00e9 que Showcase dispose de \u00ab\u00a0privil\u00e8ges syst\u00e8me excessifs\u00a0\u00bb, il est facile pour les cybercriminels de <a href=\"https:\/\/iverify.io\/press-releases\/iverify-discovers-severe-android-vulnerability-impacting-millions-of-devices-around-the-world\" target=\"_blank\" rel=\"noopener nofollow\" title=\"\">compromettre une cible<\/a>.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Ce qui est particuli\u00e8rement effrayant, c&#8217;est que Showcase fait partie de l&#8217;\u00e9cosyst\u00e8me Google Pixel depuis septembre 2017.<\/strong> Pire, l&#8217;utilisateur moyen ne peut pas supprimer l&#8217;APK via le processus de d\u00e9sinstallation standard, car il est consid\u00e9r\u00e9 comme une application de niveau syst\u00e8me. iVerify affirme que \u00ab\u00a0seul Google peut r\u00e9soudre\u00a0\u00bb ce probl\u00e8me.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Quelle que soit la gravit\u00e9 de la situation, il y a de bonnes nouvelles<\/strong>. Tout d&#8217;abord, il semble que personne, m\u00eame les pirates informatiques, ne connaissait la faille. Un porte-parole de Google a d\u00e9clar\u00e9 au Washington Post qu\u2019aucune attaque pouvant \u00eatre li\u00e9e \u00e0 Showcase n\u2019a \u00e9t\u00e9 constat\u00e9e.<\/p>\n\n\n<div class=\"sc-card-affiliation\">\r\n  <div class=\"sc-card-affiliation__content\">\r\n    <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" class=\"sc-card-affiliation__badge\" target=\"_blank\" rel=\"noopener noreferrer\">-16 %<\/a>\r\n    <div class=\"sc-card-affiliation__image\">\r\n      <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" target=\"_blank\" rel=\"noopener noreferrer\">\r\n                <img decoding=\"async\" src=\"https:\/\/m.media-amazon.com\/images\/I\/71JTIdBUvYL._AC_SL1500_.jpg\">\r\n            <\/a>\r\n    <\/div>\r\n\r\n    <div class=\"sc-card-affiliation__body\">\r\n      <div class=\"sc-card-affiliation__text\">\r\n        <h3>\r\n                    <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" target=\"_blank\" rel=\"noopener noreferrer\">Google Pixel 8a<\/a>\r\n                <\/h3>\r\n        <p class=\"sc-card-affiliation__supplier\">\r\n          De: <strong>Amazon<\/strong>\r\n        <\/p>\r\n        <p class=\"sc-card-affiliation__price\">\r\n          459 \u20ac <strike>549 \u20ac<\/strike>\r\n        <\/p>\r\n      <\/div>\r\n      <div class=\"sc-card-affiliation__cta\">\r\n        <a href=\"https:\/\/www.amazon.fr\/dp\/B0CXJ9XSVZ\/?tag=editorial_chemac-21\" target=\"_blank\" class=\"sc-card-affiliation__button\" rel=\"noopener noreferrer\">Voir sur Amazon<\/a>\r\n      <\/div>\r\n    <\/div>\r\n  <\/div>\r\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Et ils ont affirm\u00e9 qu&#8217;il n&#8217;y a pas de preuve d&#8217;une \u00ab\u00a0exploitation active\u00a0\u00bb, sugg\u00e9rant m\u00eame qu&#8217;une telle attaque serait \u00ab\u00a0peu probable\u00a0\u00bb.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Google est conscient du probl\u00e8me.<\/strong> Le g\u00e9ant technologique a d\u00e9clar\u00e9 \u00e0 <a href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/08\/15\/new-pixel-warning-as-pixel-9-pixel-9-pro-pixel-9-pro-fold-release\/\" target=\"_blank\" rel=\"noopener nofollow\" title=\"\">Forbes<\/a> prende des mesures \u00ab\u00a0par pr\u00e9caution\u00a0\u00bb et pr\u00e9voir de mettre en place une solution sur tous les \u00ab appareils Pixel compatibles sur le march\u00e9\u00a0\u00bb. En ce qui concerne la s\u00e9rie Pixel 9, pas d\u2019inqui\u00e9tude : aucun des quatre mod\u00e8les ne dispose de Showcase.apk.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>En th\u00e9orie, un acteur malveillant pourrait intercepter les connexions entre le logiciel defectueux et un domaine non s\u00e9curis\u00e9 ou usurper l&#8217;identit\u00e9 du site web et injecter des logiciels malveillants ou des logiciels espions dans un t\u00e9l\u00e9phone Pixel. <\/p>\n","protected":false},"author":9265,"featured_media":143342,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":1},"categories":[16761],"tags":[2535],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-143340","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-smartphones"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/posts\/143340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/users\/9265"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/comments?post=143340"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/posts\/143340\/revisions"}],"predecessor-version":[{"id":160471,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/posts\/143340\/revisions\/160471"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/media\/143342"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/media?parent=143340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/categories?post=143340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/tags?post=143340"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/usertag?post=143340"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/vertical?post=143340"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/fr\/wp-json\/wp\/v2\/content-category?post=143340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}