Researchers at Check Point, a security firm, have discovered a set of vulnerabilities in Android devices running on Qualcomm chipsets. Termed as QuadRooter, this issue affects over 900 million units.
So how does it work? First, the attacker has to be able to trick the user to install a malicious app. Once installed, the attacker can then gain full access to the device. This includes not only the data, but also hardware as well (ex: Camera, Microphone). To give you an idea, this issue affects even recent nexus devices and flagships.
Source: Check Point’s Blog Page (https://blog.checkpoint.com/2016/08/07/quadrooter/)
Fortunately, Qualcomm has already been notified about this issue back in April. Three of the four vulnerabilities were fixed through monthly Android security updates. Unfortunately, we will have to wait until September for the fix to the remainder.
For the meantime, Check Point recommends following these practices for protecting your device:
Source: Check Point’s blog page (https://blog.checkpoint.com/2016/08/07/quadrooter/)
Check Point has also released a QuadRooter Scanner app on Google Play. The app checks a device for the said vulnerabilities.
You may read up on Check Point’s full blog post here.
Emman has been writing technical and feature articles since 2010. Prior to this, he became one of the instructors at Asia Pacific College in 2008, and eventually landed a job as Business Analyst and Technical Writer at Integrated Open Source Solutions for almost 3 years.
