Notifications activate Gemini on Android without user permission

Published on June 05, 2026 | Translated from Spanish

Researchers have discovered that notifications from apps like WhatsApp or Slack can activate the Google Gemini assistant on Android without the user's authorization. This flaw allows an attacker to send commands or steal personal data by opening the app through the notification. For users, this is a direct risk to privacy and information security on their mobile devices. Keeping the system updated and reviewing notification permissions are necessary steps to protect oneself.

The technical mechanism behind the security flaw 🔒

The vulnerability exploits the integration between the Android notification system and the Gemini assistant. When an app sends a notification, the system processes it to display content on the interface. However, if the attacker manipulates the notification content, they can trick Gemini into executing commands without user interaction. This occurs because the assistant interprets the text as a direct command, bypassing the usual permission controls. Google has already been notified, and a fix is expected in future operating system security updates.
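
A simplified model of the flaw described above, added here as an illustration and not Gemini's or Android's actual code: the first handler parses any incoming text as a command, while the second treats notification text as data only and gates sensitive actions behind user confirmation. The `assistant:` command format, the action names and all function names are assumptions made for the example.

```python
from dataclasses import dataclass

# Constructed model: where a piece of text reaching the assistant came from.
USER = "user"                  # typed or spoken by the device owner
NOTIFICATION = "notification"  # supplied by whoever sent the message


@dataclass
class Event:
    source: str
    text: str


# Hypothetical action names that should sit behind a permission prompt.
SENSITIVE = {"read_contacts", "send_message"}


def parse_command(text):
    """Return an action name if the text looks like 'assistant: <action>'."""
    prefix = "assistant:"
    lowered = text.strip().lower()
    if lowered.startswith(prefix):
        return lowered[len(prefix):].strip().replace(" ", "_")
    return None


def handle_vulnerable(event):
    """Flawed design: any text is parsed as a command, whatever its source."""
    action = parse_command(event.text)
    return ("executed", action) if action else ("displayed", None)


def handle_hardened(event, user_confirms=lambda action: False):
    """Notification text is data only; sensitive actions need confirmation."""
    if event.source != USER:
        return ("displayed", None)  # never interpreted as an instruction
    action = parse_command(event.text)
    if action is None:
        return ("displayed", None)
    if action in SENSITIVE and not user_confirms(action):
        return ("blocked", action)
    return ("executed", action)
```

The design point is that the decision to execute depends on the provenance of the text, not on what the text says.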

Your phone now has a split personality and didn't tell you 📱

So it turns out your phone, the one you carry everywhere, now has an assistant that obeys notifications as if they were divine commands. The worst part is that it doesn't warn you: a simple WhatsApp message can make Gemini start working without you having asked for anything. It's like having an employee who responds to any email that arrives at the office, including those from the spam list. Perhaps the best thing to do is put a do not disturb sign on notifications before they decide for you which app to open.