Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Are you addicted to Trivia Crack? Security researcher Randy Westergren's wife is, and that piqued the white-hat hacker's curiosity. After examining the source code of the popular new mobile game's Android app, Westergren discovered that players can game the system easily, and he used that knowledge to illustrate potential vulnerabilities in other Android apps.
Westergren detailed his research on his blog, where he explained how he monitored the app's communications with the Trivial Crack servers, then decompiled the app's installer file, or APK, into source code. Apparently, when a round begins, Trivia Crack's servers send a question AND its correct answer to a user's phone before he or she ever spins the question wheel, and therein lies the hack.
MORE: 10 Best Trivia Game Apps
Trivia Crack's programmers included a developer tool in the game's source code known as ANSWERS_CHEAT, which keys users into the correct answer on a zero-based scale. For example, if the first choice is the right one, users will see a (0) next to the question. If the second answer is correct, users will see a (1), and so on.
Westergren tweaked the code to display the number of the correct answer next to the question, recompiled the APK, installed it and found that it worked just fine. He's made the hacked version of the app available for free download (the link is on his blog post), but claims he is "not responsible for any immoral gameplay."
Indeed, while using the exploit could give Android users a competitive edge, it also defeats the purpose of playing a trivia game. Users who play on Apple devices or computers cannot use it, unless they discover similar vulnerabilities in the source code for other platforms.
Cheating at a trivia game is one thing, but Westergren, as a security researcher, is more interested in how an oversight like this one might affect other Android apps. Leaving developer tools in the source code for a banking or social networking app could open the doors for some potentially more dangerous hacks, and from potentially less reputable agents than security researchers.
In order to prevent potentially malicious apps, it's best to disallow app installation from unknown sources in the security settings menu of your Android device. It's turned off by default, so unless you've turned it on, you should be well-protected.
Of course, this won't prevent other people from using the Trivia Crack hack for their own gain, but you can counter that with your superior knowledge of '90s television and NFL history, can't you?
- Scariest Security Threats Headed Your Way: Special Report
- Microsoft Bombs Antivirus Tests Yet Again
- Fitness Bands Found to Be Ripe for Hacking
Marshall Honorof is a senior writer for Tom's Guide. Contact him at mhonorof@tomsguide.com. Follow him @marshallhonorof. Follow us @tomsguide, on Facebook and on Google+.
