Qualcomm Chip Bug Put Millions Of Android Devices At Security Risk: What We Know

By Explorer -

Millions of Android smartphones across the world were affected by a severe vulnerability inside Qualcomm chipsets, which allowed hackers to break into the affected devices and gain access to users' text messages, call history as well as listen in to their conversations. 

Researchers with the Israeli cybersecurity firm Check Point had notified the American semiconductor company about the bug last year, following which it sent security updates to all those affected devices a couple of months later in December.

ALSO READ: Apple Paid Hacker Rs 75 Lakh For Finding Security Hole In Safari Browser

The affected hardware--Qualcomm's Mobile Station Modem (MSM) Interface--is a series of 2G, 3G, 4G, and 5G-capable systems on chips (SoCs), which is used in roughly 30 per cent of phones in the world manufactured by multiple OEMs, including Samsung, Xiaomi, OnePlus and Google.

Qualcomm Snapdragon 870 5G Mobile PlatformQualcomm

Researchers explained that Qualcomm's MSM Interface allows the chipset to communicate with the smartphone’s operating system for capabilities such as voice, SMS, and high-definition recording.

ALSO READ: Indian Guy Awarded $50,000 By Microsoft For Spotting Hacker Vulnerability

But this security flaw within Qualcomm’s proprietary interface (QMI) “can be used to control the modem and dynamically patch it from the application processor,” the cyber security solutions provider highlighted in a new blog post.

“An attacker can use such a vulnerability to inject malicious code into the modem from Android. This gives the attacker access to the user’s call history and SMS, as well as the ability to listen to the user’s conversations.

“A hacker can exploit the vulnerability to unlock the SIM, thereby overcoming the limitations of the service providers imposed on the mobile device,” the post added.

verkada tesla hackGetty Images

Simply put, a malicious app installed on your phone could exploit the heap overflow weakness and plant malicious code inside the Qualcomm’s MSM Interface to hide their activity--effectively, rendering themselves invisible to Android’s security features that detect such malicious activity.

ALSO READ: UP Govt's COVID-19 Tracker Bug Exposed Over 80 Lakh People's Private Data

When the news broke last year, a Qualcomm spokesperson told Indiatimes that it “encourages end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store.”

And while Qualcomm released a patch to mobile vendors in December last year and disclosed the bug to all customers who use the chip, it’s still not clear which vulnerable Android devices are fixed and which ones aren’t.

Samsung xiaomi apple phoneReuters

“The mobile vendors themselves must apply the fix,” a Check Point spokesperson told The Record, while another told ArsTechnica that “the implementation of these fixes takes time, so some of the phones may still be prone to the threat”.

Either way, Qualcomm recommends that users contact their phone manufacturers to understand the status of their fixes for their specific devices.

Source: https://www.indiatimes.com/technology/news/qualcomm-chip-bug-millions-of-android-devices-security-risk-539992.html

Comments

Post a Comment

Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

By Explorer -
Image
Massive public protests taking place in Hong Kong over the past week are aimed at a new extradition law, known as the Fugitive Offenders Ordinance , that would see accused criminals extradited to mainland China to face prosecution. Hongkongers feel the law could be used to legalise the kidnapping of people who express views, and act in ways, that are not popular with the Chinese government . The same law could also be used to extradite tourists and visitors to China who are arrested on suspicion of having committed these crimes. Protesters want the bill scrapped. For now, debate of the legislation has been postponed . Organisers say one million people turned out for the protests, while police estimate the number was around 240,000. Either way, it was a significant number of Hong Kong’s 7.5 million population. Commentators on Twitter remarked on how well organised the protesters were. So, how did they do it? Protesters across the world are using n
Read more

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive

By Explorer -
 According to a video of interrogation of "Hamas terrorists" released by Israel Security Agency Shin Bet, accessed exclusively by News18, "The Shifa hospital has been made with many considerations as Hamas knew that medical places won’t be attacked by the enemy. Equipment, explosives and other material has been kept there." Hamas is using hospitals in Gaza as covers and have turned them into ammunition depots, according to a video of interrogation of “Hamas terrorists" released by  Israel Security Agency  Shin Bet, accessed exclusively by News18. ALSO READ | Israel-Hamas War LIVE Updates  HERE The Israeli military has claimed that those featuring in the video released on Saturday are Hamas terrorists, who participated in the  October 7 attack  on Israel. “Most of the tunnels are hidden in hospitals. There are multiple underground levels. Al-Shifa Hospital is not small, it is a big place that can be used to hide things," a man is seen saying. “The Al-Shifa
Read more

Islam Has Massacred Over 669+ Million Non-Muslims Since 622AD

By Explorer -
Image
In fact, no ideology has been as genocidal as Islam… Islam has killed more than 5 times the number of people killed by communism. In the total numbers we have updated over 80 million Christians killed by Muslims in 500 years in the Balkan states, Hungary, Ukraine, Russia. Then we have India. The official estimate number of Muslim slaughters of Hindus is 80 million. However, Muslim historian Firistha (b. 1570) wrote (in either Tarikh-i Firishta or  the Gulshan-i Ibrahim) that Muslims slaughtered over 400 million Hindus up to the peak of Islamic rule of India, bringing the Hindu population down from 600 mil to 200 million at the time. With these new additions the Muslim genocide of non-Muslims since the birth of Mohammed would be  over 669 million murders. Islam: The Religion of Genocide Perspective:   Think the Spanish inquisition was bad? More people are killed by Islamists each year than in all 350 years of the Spanish Inquisition* combined. The Spanish inquisition ( Tribunal del Sant
Read more