Is your phone at risk? Security flaw in 900 MILLION Android devices could give hackers complete access to your data
Owners of Android phones have been warned of a serious security flaw that could give attackers complete access to a phone’s data.
The problem has been identified in software used in about 900 million Android phones, including the HTC One, and Sony Xperia Z Ultra.
While there is currently no evidence of the flaws being used by hackers, experts say it is a race as to who finds the bug first.
WHICH DEVICES MIGHT BE AFFECTED?
- BlackBerry Priv and Dtek50
- Blackphone 1 and Blackphone 2
- Google Nexus 5X, Nexus 6 and Nexus 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Moto X by Motorola
- OnePlus One, OnePlus 2 and OnePlus 3
- US versions of the Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
The glitch was found by researchers from Checkpoint, who posted about it in ablog.
The problem appears to affect phones which run on Qualcomm processors, which the blog estimates to be around 900 million devices.
Speaking to theBBC, Michael Shaulov, head of mobility product management at Checkpoint, said: ‘I'm pretty sure you will see these vulnerabilities being used in the next three to four months.
‘It's always a race as to who finds the bug first, whether it's the good guys or the bad.’
Checkpoint discovered the problem after spending six months reversing Qualcomm’s code.
They found that the problem lay in the software that handles graphics, and in the code that controls communication within the phone.
Mr Shaulov added that taking advantage of the bug would allow hackers to take control of the phone, as well as gain access to all its data.
The results have now been handed to Qualcomm, who is believed to have started to work on a fix for the bug.
While the patches – fixes for the bug – have been distributed to the phone makers, it is still unclear how many of those companies have sent the update to their customers.
In the meantime, Checkpoint has created an app called‘QuadRooter Scanner’, that allows users to check if their phone is vulnerable to the bug.
Mr Shaulov added that Android users should make sure they only download apps from the Google Play store.
He said: ‘People should call whoever sold them their phone, their operator or the manufacturer, and beg them for the patches.’
Read the Original
Comments
Post a Comment