Some of the latest Android devices may be about to be affected by a very big security scare, as four vulnerabilities have been found in one of the major parts of quite a few smartphones.
Uncovered by Check Point security, the flaws sit in several variants of a Qualcomm chipset used in quite a few Android smartphones and may give an attacker a way to break in. What makes these exploits unusual is that it’s not necessarily Android that is affected, but rather the hardware commonly used by manufacturers.
Not all Android phones are affected, but quite a few released locally are, including Google’s current Nexus 5X and 6P, LG’s G4 and G5, HTC’s M9 and 10, and at least one entry from Sony, with Check Point’s Chris Rodrigues telling Pickr that “most users would not be aware that their device is compromised”.
“While the number of devices actually affected remains unknown, seeing how easy it is to tap into a device really drives this threat home to users,” he said.
Check Point’s research indicates that the vulnerabilities would enable hackers to break into a device and take full control, with the four exploits being nicknamed “QuadRooter” due to how they essentially work.
As bad as this is — and as severe as the ramifications could be — we’ve not yet heard of any hacker taking advantage of the flaws, and fortunately most manufacturers are jumping onto the news and working on fixes now.
In fact, while Check Point identifies Samsung’s Galaxy S7 and S7 Edge as possible culprits, Samsung in Australia is in the ideal position of not needing to worry, since Australian (and indeed most international) variants don’t use Qualcomm’s chipset, opting instead for Samsung’s own unaffected chipset.
But even though fixes are being made for some other phones, scammers are also cashing in on the needed fixes with fake patching apps for affected phones.
Security group ESET has picked up on at least two so far, both adopting a paid approach and asking users to fork out up to two dollars for an app that advertised a patch for the flaws but would instead act as malware and bombard the user with mobile ads.
“In the past, we have seen this technique used to target users through the Windows platform,” said Nick FitzGerald, Senior Research Fellow at ESET.
“For example, some e-criminals would trick online stores into installing a fake security patch for a critical vulnerability in the Magento ecommerce platform. This technique would allow hackers to easily access the admin credentials for vulnerable e-stores. One of those attacks relied on a fake patch to deliver malware which then used the very bug that it was supposed to be fixing.”
Fortunately, Google is already on top of the scammers, removing the fraudulent applications so you don’t have to worry about the apps or accidentally buying them.
In general, you don’t have to worry at all, and this is partly because the phone manufacturers are working with the affected chipset maker Qualcomm to release fixes that should be arriving shortly. We’ve already heard that BlackBerry is the first out of the gate, though Google has already started patching the problems, while other manufacturers are investigating the situation.
In other words, you probably don’t have to worry, but it’s good to be aware of just what’s going on.