
900M Android Devices Affected by New Security Flaw


Vulnerabilities have affected 900 million Android smartphones and tablets that use chipsets from component maker Qualcomm. The security firm Check Point made the announcement Sunday at the DEF CON 24 hacking conference held in Las Vegas.

The firm reported four vulnerabilities, collectively named “QuadRooter.” On an Android device with an affected Qualcomm chipset, a cyber criminal can take control of the device the moment one of the vulnerabilities is exploited.

An attacker could exploit the vulnerabilities, which sit in the chipsets’ software drivers, via a malicious app. According to Check Point, because the drivers are pre-installed, the only solution is installing a patch from the distributor.

There’s a big chance devices within your organization have been affected, as Qualcomm is said to be the world’s leading designer of LTE chipsets and holds a 65 percent share of the LTE modem baseband market.

The following Android devices use Qualcomm chipsets:

  • BlackBerry Priv
  • Blackphone 1 and Blackphone 2
  • Google Nexus 5X, Nexus 6 and Nexus 6P
  • HTC One, HTC M9 and HTC 10
  • LG G4, LG G5, and LG V10
  • New Moto X by Motorola
  • OnePlus One, OnePlus 2 and OnePlus 3
  • Samsung Galaxy S7 and Samsung S7 Edge
  • Sony Xperia Z Ultra

However, the BBC reported that no evidence has been found to show that the vulnerabilities are actually being used in attacks.

Michael Shaulov, head of mobility product management at Check Point, told the BBC that he believes the vulnerabilities will be used “in the next three to four months.”

Still, the situation makes Android’s security risks even more prevalent and, according to a recent Check Point blog post, security updates should go through the “entire supply chain before they can be made available to end users.”

The post went on to say, “Without an advanced mobile threat detection and mitigation solution on the Android device, there is little chance a user would suspect any malicious behavior has taken place.”

Check Point also highlighted the risks for your organization, should an employee’s phone be hacked. If a cyber criminal gains control of a device, they could also have access to sensitive personal and enterprise data along with capabilities like GPS tracking and key-logging.

The firm suggests that employees follow this list of best practices to keep their devices secure:

  • Download and install the latest Android updates as soon as they become available. These include important security updates that help keep your device and data protected.
  • Understand the risks of rooting your device – either intentionally or as a result of an attack.
  • Examine carefully any app installation request before accepting it to make sure it’s legitimate.
  • Avoid side-loading Android apps (.APK files) or downloading apps from third-party sources. Instead, practice good app hygiene by downloading apps only from Google Play.
  • Read permission requests carefully when installing any apps. Be wary of apps that ask for permissions that seem unusual or unnecessary or that use large amounts of data or battery life.
  • Use known, trusted Wi-Fi networks or, while traveling, use only those that you can verify are provided by a trustworthy source.
  • End users and enterprises should consider using mobile security solutions designed to detect suspicious behavior on a device, including malware that could be obfuscated within installed apps.

They suggest steps for enterprises as well:

  • Enterprises should deploy a mobile security solution that detects and stops advanced mobile threats.
  • Contact your mobility, IT, or security team for more information about how it secures managed devices.
  • Use a personal mobile security solution that monitors your device for any malicious behavior.

Qualcomm has reportedly not yet commented on the situation, according to MSN.com. 

Check Point has a free QuadRooter scanner app on Google Play that will test devices for the vulnerability.
