Researchers found serious security flaws in software used by hundreds of millions of devices with Android operating system that could allow access by attackers to data phone of their victims.
The flaws were discovered by researchers from security firm Checkpoint, chipset made by the US company Qualcomm .
There Qualcomm processors in a 900 000 000 Android phone , Checkpoint said.
There is no evidence that vulnerabilities are being exploited at present by thieves of cyberspace.
“I’m sure that will be used within the next three to four months “said Michael Shaulov spokesman Checkpoint
.” it’s a race to see who can find fault first. good or bad “
the affected devices include these models
- BlackBerry Priv and Dtek50
- blackphone blackphone 1 and 2
- Google Nexus 5X Nexus Nexus 6 d 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Motorola Moto X
- OnePlus One, OnePlus OnePlus 2 and 3
- The US versions of the Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
According Shaulov six months of work “reverse engineering” on the code of Qualcomm revealed the problems.
the flaws were found in programs that handle graphics and the code that controls communications between different processes within a phone .
achieve exploit, an attacker could take over gradually from one device and access the data stored on it, with the ability to change or delete files system, delete or add applications and access the camera, microphone or screen.
Checkpoint and gave information on the failure to Qualcomm.
The latter company created patches to resolve flaws and began using its factories improved versions.
also distributed patches to manufacturers and mobile operators.
However, it is unclear which companies issued an update for its customers install .
Checkpoint created A free application, QuadRooter Scanner which you can use to check if your phone is vulnerable to some failures.
the application identifies whether patches have been downloaded and installed on the device.
in addition, Shaulov recommended that owners of Android phones that only down my the official store Google Play to avoid falling into the hands of malicious programs.
“they should also call whoever they sold the phone His operator or manufacturer – and ask send them patches “he added
Qualcomm has not responded to a request for interview. the BBC.
No comments:
Post a Comment