Reports claim that over 900 million Android devices are affected by ‘high-risk’ Quadrooter flaw warns security company Check Point software technologies.
Found in devices running Qualcomm processors, QuadRooter includes four vulnerabilities, any of which can be used by hackers to take control of an smartphone. “If exploited, QuadRooter vulnerabilities can give attackers complete control of devices and unrestricted access to sensitive personal and enterprise data on them. Access could also provide an attacker with capabilities such as keylogging, GPS tracking, and recording video and audio,” says Check Point in a blog post.
Hackers can trigger any of these four vulnerabilities using a malicious app. “Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing,” adds the post.
The blog notes that QuadRooter affects smartphone drivers which control communication between the various chipset components. Since the vulnerable drivers are pre-installed on devices at manufacturing level, it can only be fixed if the OEMs or carriers issue a software patch.
Check Point recommends users to download and install the latest Android updates as soon as they become available, avoid side-loading apk files, read app permission requests carefully while installing apps and more.
Affected devices included:
- BlackBerry Priv and Dtek50
- Blackphone 1 and Blackphone 2
- Google Nexus 5X, Nexus 6 and Nexus 6P
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- New Moto X by Motorola
- OnePlus One, OnePlus 2 and OnePlus 3
- US versions of the Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
[Times of India]