Close to one billion Android devices powered by Qualcomm processors are affected by a serious security flaw. The issue was recently exposed by researchers from an international cyber security company called Check Point. The “QuadRooter” allows for vulnerabilities that can be used by hackers to take total control of the phone, providing them with un-restricted access to data within and capabilities such as key logging, GPS tracking and recording media.
According to a source from Check Point, no one at this point has an android device that is completely secure, and there are issues about who fixes what between Qualcomm and Google.The issue can be triggered when a hacker tricks users into installing an app via links. These links, unlike genuine links, wouldn’t contain a permission request to allow for access. So basically it gives the attacker the all-data access, allowing them to view data and use the camera and microphone. Several devices such as BlackBerry, Nexus 5x, Nexus 6, HTC One, and so on have been already affected and are also vulnerable to these attacks. This is not the first time such a security breach happened with Android devices. Earlier this year, although soon rectified, a security glitch was discovered by a security research firm called FireEye that could access users’ text messages and call logs.
Check Point said in a blog post that the issue could be fixed only if the OEMs or carriers issue a software patch, as the fix should happen at the manufacturing level. The patches are not expected to be created soon, leaving users and devices vulnerable.
Check Point recommends users to –
- Install the latest Android updates as soon as they become available.
- Avoid side-loading apk files.
- Pay attention to app permission requests while installing apps.
“We were notified by the researcher about these vulnerabilities between February and April of this year, and made patches available for all four vulnerabilities to customers, partners, and the open source community between April and July. We continue to work proactively both internally as well as with security researchers to identify and address potential security vulnerabilities.” a Qualcomm spokesperson said.
We are an up and coming consultancy aiming to simplify digital media for business. Visit our website to learn more about our service offerings.