Snapdragon chip flaw places Android customers vulnerable to information theft

"use strict"; var adace_load_60ff150306258 = function(){ var viewport = $(window).width(); var tabletStart = 601; var landscapeStart = 801; var tabletEnd = 961; var content = ''; var unpack = true; if(viewport=tabletStart && viewport=landscapeStart && viewport=tabletStart && viewport=tabletEnd){ if ($wrapper.hasClass('.adace-hide-on-desktop')){ $wrapper.remove(); } } if(unpack) { $self.replaceWith(decodeURIComponent(content)); } } if($wrapper.css('visibility') === 'visible' ) { adace_load_60ff150306258(); } else { //fire when visible. var refreshIntervalId = setInterval(function(){ if($wrapper.css('visibility') === 'visible' ) { adace_load_60ff150306258(); clearInterval(refreshIntervalId); } }, 999); }


According to analysis printed by Check Point, practically 40 p.c of the world’s Android gadgets at the moment have a vulnerability that might grant hackers entry to SMS messages and cellphone conversations.

Check Point discovered the flaw in Qualcomm’s Mobile Station Modem (MSM) and in Android’s capacity to speak with the MSM via the Qualcomm MSM Interface (QMI). Qualcomm’s MSM is a collection of chips used to hook up with 2G, 3G, 4G and 5G techniques.

Attackers may use Android itself to inject malicious code, whereas apps may use the vulnerability to cover their exercise throughout the modem and successfully make it invisible to security measures Android makes use of to detect malicious exercise.

Once an attacker has entry, they might view the customers’ SMS historical past, name historical past, and even pay attention to real-time conversations. Hackers may additionally use the exploit to unlock a tool’s SIM card.

Check Point notes that Qualcomm confirmed the problem, outlined it as a high-rated vulnerability and recorded it as CVE-2020-11292. Bleeping Computer notes that Qualcomm made safety patches accessible to distributors in December 2020, though it doesn’t seem to have made it right into a month-to-month Android safety patch but.

Here are just a few suggestions primarily based on Check Point’s suggestions to maintain your system protected:

  1. Always run the newest model of the OS to guard your system in opposition to vulnerabilities and exploits.
  2. Always set up apps from official app shops or different credible sources.
  3. To cut back the potential of delicate information loss, all of your gadgets ought to have distant wipe enabled.
  4. Install an anti-virus software program on all your gadgets, comparable to CIRA Canadian Shield.

Source: Check Point, Bleeping Computer

What do you think?

Written by Gideon


Leave a Reply

Your email address will not be published. Required fields are marked *