The Qualcomm processor, built-in smart phones and tablets running Android operating system detected errors that hackers could use to break into the mobile banking application, newspaper Financial Times (FT). He discovered these vulnerabilities an Israeli developer of solutions for Check Point cybersecurity. He called them Quadrooter, because each of them allows hackers to gain administrator privileges (root) and full control over the device.
The potential victims of the attacks could be 900 million devices, including smartphones, were considered well protected: Samsung Galaxy S7 and S7 Edge, Blackberry Priv, Google Nexus 5X, 6 and 6P, HTC HTC One M9 and 10, Sony Xperia Z Ultra, follows from Check Point materials. Approximately smartphones sold worldwide in the first nine months (see. Chart on p. 17). In 2015, Qualcomm controlled, according to ABI Research, 65% of chips for smartphones with support for 4G.
Hackers could entice users of these devices to download a malicious application, and then remotely extend the rights of the application so that it could see all the information on the device. With access to the phone’s memory, hackers can gain access to the messages in WhatsApp, e-mail, password, from mobile banking, says the head of management of mobile devices and cloud-based security Check Point Michael Shaulov. The company notified the vulnerability Qualcomm and Google. Vice President of Engineering Qualcomm Product Security Initiative Alex Gantman said that the company has developed a product that eliminates them. Google representatives also told the FT on the issue of programs to detect, block and remove malicious applications that use vulnerabilities in the operating system. Whether hackers to use them, it is not clear.
In view of the scale of business and the market shares of Qualcomm and Android is one of the largest in the history of incidents, says security expert Alex Lukatskii Cisco Systems.
Similar findings were in July 2015, when Zimperium Mobile Security discovered in Android comparable coverage vulnerability Stagefright (she had been exposed to 950 million units), recalls the deputy head of the laboratory of computer forensics Group-IB Sergei Nikitin. And in March 2016, anti-virus company Trend Micro reported vulnerabilities in Qualcomm Snapdragon processors, potentially threatening nearly one billion users, said anti-virus expert “Kaspersky Lab” Victor Chebyshev.
by itself is harmless, any vulnerability: an attacker could exploit the vulnerability, only if your phone will work on malicious code Lukatskii explains. The problem is that the user usually does not notice that his unit entered the malware, and in most cases he agrees to its launch, agrees Chebyshev.
safety rules are simple: do not walk on suspicious sites, do not click on links sent by strangers, Lukatskii lists. In addition, he advises not to download applications that have few users: it may be an indication that they are infected with the virus. Next rule – enable automatic update of the operating system, ensure beforehand that the update source you can trust. Chebyshev recalls the need to install antivirus software.
To use Quadrooter vulnerability, the attacker would have to install malicious code on the device, this significantly reduces the danger for the user, agrees CEO of Digital Security Ilya Medvedovsky. For hacker main way to make money on such vulnerabilities – to create an extensive network of infected devices, but at the same time mass and minus, as manufacturers quickly diagnose and eliminate such vulnerabilities, he says. Recently, hackers prefer, he said, not massive, but less targeted attacks (eg, banks), because of their monetization scheme is much more understandable.
The consequences of breaking limited only by imagination virus writers do not agree Chebyshev: hackers can earn, attacking banking applications or forcing Google Play install paid apps. If the device will be infected, it is possible embezzlement of funds through sms-banking, block user data and then extort money, remote device management, theft of information, photographs, correspondence, agrees Nikitin. If a malicious program to get administrator privileges (for example, by Quadrooter), then its removal may require a complete rewrite of the smartphone, it warns.