Android Security Breach Exposes Millions

Android Security Breach Exposes MillionsAs if there weren’t already enough reasons for you to secure your mobile devices, today it was reported that nearly 900 million Android devices had been exposed due to four major security holes in Qualcomm chipsets. Check Point, a security firm, disclosed the vulnerabilities this Sunday at the DEF CON 24 hacking conference in Las Vegas.

If these vulnerabilities are exploited, an attacker could easily gain access to the device and expose the vulnerabilities in the chipsets’ software using malicious applications. “Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm. This situation highlights the inherent risks in the Android security model. Critical security updates must pass through the entire supply chain before they can be made available to end users. Once available, the end users must then be sure to install these updates to protect their devices and data.”

Although Google, BlackBerry, and Google have not yet responded to the issue, Check Point is offering a free QuadRooter detection application through Google Play, which tests devices for the vulnerability. If the app finds a problem on your phone related to the Qualcomm chips, it will then prompt you to take action. If you believe that you may have an affected device, you should ensure that you have the latest software updates on your Android device. Check Point has warned users to only download verified applications from the Google Play store, rather than through third party vendors. You should also check the permissions that an applications asks for and install software updates as soon as they become available. Even though researchers haven’t detected any cyber-criminal exploiting the bug,its believed that they could use it within a few months.

Last year, Android users experienced similar security woes with the Stagefright flaw in Android’s multimedia processing.

Most of the current Android Devices have been effected by the security flaws including:

  • BlackBerry Priv
  • Blackphone 1 and Blackphone 2
  • Google Nexus 5X, Nexus 6, and Nexus 6P
  • HTC One, HTC M9, and HTC 10
  • LG G4, LG G5, and LG V10
  • New Moto X by Motorola
  • OnePlus One, OnePlus 2, and OnePlus 3
  • Samsung Galaxy S7 and Samsung S7 Edge
  • Sony Xperia Z Ultra

 

Tess Hanna

Tess Hanna is an editor and writer at Solutions Review covering Backup and Disaster Recovery, Business Process Management, and Talent Management. She aims to simplify the research process for IT professionals. You can contact her at thanna@solutionsreview.com