Android Security Flaw 'QuadRooter' Hits 900 Million Devices

...

Client computing is increasingly providing a back door into the enterprise for the compromise and

Researchers have discovered a set of security flaws that could leave more than 900 million Android smartphones and tablets vulnerable to hackers.

A set of four security vulnerabilities could affect nearly one billion Android smartphones and tablets equipped with Qualcomm chipsets, as discovered by Check Point.

The security firm's mobile research team has dubbed the set of flaws "QuadRooter". Its research findings were shared during a session at hacking conference DEF CON, which took place August 4-7 in Las Vegas.

Qualcomm is the world's top designer of LTE chipsets, Check Point explained, and has captured a 65% share of the LTE modem baseband space. The recently discovered vulnerabilities has left 900 million Android devices vulnerable to hackers.

[Read: Ransomware attacked nearly 50% of businesses in 2015]

A hacker who wanted to exploit any one of these vulnerabilities could do so through a malicious app. The app wouldn't need any special permissions to take advantage of the device, so an unsuspecting user may install it without thinking twice.

If successful in getting a user to download the app, a hacker could gain root access and assume full control over the device. This would give them free access to key business data and capabilities like GPS tracking or video and audio recording.

"Without an advanced mobile threat detection and mitigation solution on the Android device, there is little chance a user would suspect any malicious behavior has taken place," wrote the Check Point mobile research team in a blog post.

Some of the most recent and popular Android devices are affected by Quadrooter.  These include the BlackBerry Priv, Blackphone 1, Blackphone 2, Google Nexus 5X, Nexus 6, Nexus 6P, HTC One, HTC M9, HTC 10, LG G4, LG G5, LG V10, New Moto X by Motorola, OnePlus One, OnePlus 2, OnePlus 3, Samsung Galaxy S7, Samsung S7 Edge, and Sony Xperia Z Ultra.

QuadRooter was discovered when Check Point decided to analyze Qualcomm code in Android devices, explained senior security researcher Adam Donenfeld in his DEFCON presentation summary. Google has recently made several changes to improve security, he noted, but Qualcomm's efforts have an equal effect on Android device protection.

"During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems," Donenfeld wrote.

All Android smartphones and tablets equipped with Qualcomm chipsets are at risk. The QuadRooter vulnerabilities are found in drivers that manage communication between different parts of the chipsets, wrote Check Point.

Because drivers are pre-installed on the devices, the flaw can only be fixed with a patch provided by the carrier or distributor. Carriers can only provide the fix after Qualcomm gives them the fixed driver packs.

According to a Qualcomm spokesperson, the company had addressed all of the flaws and provided patches to the open-source community as well as customers and partners by the end of July, reported ZDNet.

Most fixes have been included in Android's monthly security updates, which Google provides on a monthly basis for its Nexus product lineup. Google addressed three flaws in its latest set of monthly security fixes, but one still remains because the final patch was delayed. It will be addressed in the September batch of fixes, which will arrive towards the beginning of the month.

"I'm pretty sure you will see these vulnerabilities being used in the next three to four months," predicted Michael Shaulov, head of Check Point's mobility product management, to the BBC. "It's always a race as to who finds the bug first, whether it's the good guys or the bad."

For IT managers, Check Point has a few recommendations for protecting employee devices from QuadRooter-related attacks.

Device users should install the latest Android updates as soon as they are available and fully understand the risk of rooting a device, whether intentional or the result of an attack. App installation requests should be fully vetted and avoided if they require a large amount of data or battery life.

Employees often use Android devices for personal and business use. For these users, the firm recommends businesses launch a mobile security solution for detecting threats, and a personal mobile security product to monitor devices.

Categories
APPLICATIONS
0 Comment

Leave a Reply

Captcha image


RELATED BY

  • 5300c769af79e

    British Spy Agency GCHQ Joins Twitter

    Tweeter, tailor, soldier, spy: British intelligence and security firm GCHQ (Government Communications Headquarters) has joined Twitter, the first UK Intelligence Agency to do so.Its first tweet—"Hello, world"—is a throwback to the earliest program most engineers learn to write in various coding languages.
  • 5300c769af79e

    Privacy Concerns Curb Online Commerce, Communication

    Concern about online security and privacy are leading Americans to curtail online activity, the United States National Telecommunications and Information Administration reported last week.Eighty-four percent of those households named at least one online privacy and security concern, and 40 percent mentioned at least two.
  • 5300c769af79e

    Instagram's New Event Channels Brings Live Events Straight to You

    With this feature, users can watch video clips and view photos from live events taking place across the world.For example, if a super hot Adele concert is taking place or a big sports match, you can expect to see videos for it coming straight to your device.
  • 5300c769af79e

    LeEco Le Pro3 Review

    To get a sense of what LeEco is offering US consumers, we took its flagship phone, the Le Pro3 (and a Super4 X55 TV), out for a spin.To recap, the device costs $399, coming with a 5.