Over 900 million Android smartphones are vulnerable to this crippling hack
There’s nothing more unsettling than the prospect of someone gaining entry into the more intimate moments of your personal life. Thanks to a set of four previously unknown security vulnerabilities present in Android phones using Qualcomm chips, more than 900 million people could soon face that very unnerving prospect.
Dubbed “Quadrooter”, the vulnerabilities allow an attacker to take root access of a device, giving them full access to a phone’s storage and hardware controls. This means a would-be hacker could switch a microphone on and listen in on conversations, take photos with the device camera and even delete files or clone them for their own use.
Discovered by security firm Check Point, and revealed by their mobile security researcher Adam Donenfeld at the DEF CON security conference, the vulnerability is present in over 80% of Android handsets. The team has handily put together a guide and scanning tool so you can find out whether your device is vulnerable. Some vulnerable devices listed by the company include the Google Nexus 5X, 6 and 6P, as well as the Samsung Galaxy S7 and S7 Edge. Even the super-secure Blackphone 1 and 2 and the BlackBerry Priv are listed as being open to the attack.
There is some solace in all of this, though: for an attack to be successful, a hacker would have to force you to install a piece of malware on your device, but Qualcomm claims that it’s issued patches for all four of its chips’ vulnerabilities. In fact, Google has confirmed that three of the four flaws were fixed in the latest set of security updates, with the fourth vulnerability due to be patched in September.
If you’re wondering how such a huge security flaw could come about, it’s really down to how Android phones are manufactured. Unlike Apple’s devices, which are designed and manufactured entirely in-house, Android phones are built in two stages. Google creates the software and third-party companies – such as Qualcomm – design and build the chips and hardware. Just by outsourcing this process, Android devices are more at risk of a high-level flaw, as it’s more difficult for Google to ensure complete security.
What this really tells us is that it pays to keep your phone up to date with the latest software and security updates.