A cyber security firm has found a vulnerability in Android phones that use a Qualcomm processor. The vulnerability emerged in 2011 in the form of vulnerable APIs. Security researchers have warned that it could have put millions of smartphone users at risk. If exploited, this vulnerability allows an attacker to access sensitive details of the user.
Millions of Android Devices With Qualcomm Chip Vulnerable To Hacking
Cyber security firm Mandiant has published a report which asserts that devices powered by Qualcomm chips, or running code written by the chip maker, are affected. The chip maker introduced new APIs for the Android network manager system service, which on the phones prone to the attack were then connected to the “netd” daemon.
The firm also identified the vulnerability as CVE-2016-2060, which is present in a software package managed by the chip maker, Qualcomm. If the vulnerability is exploited, it can let the attacker access the user’s SMS database, phone history and more. Because the software package is open source, it could also affect other projects, including Cyanogenmod.
The vulnerability is quite severe on Android 4.3 or lower, where it lets low-privileged apps access sensitive details that the user generally does not want to disclose or that should be off limits, security firm FireEye stated. However, the data can be accessed by invoking permissions which are already requested by millions of Google Play apps.
The researchers from the company said that the vulnerability can be exploited by adversaries who acquire physical access to an unlocked device. As stated above, the vulnerability is tracked as CVE-2016-2060. The flaw emerged when chip maker Qualcomm published a set of programming interfaces for a system service called “network_manager”, later termed the “netd” daemon.
“Any application could interact with this API without triggering any alerts,” states FireEye. “Google Play will likely not flag it as malicious, and FireEye Mobile Threat Prevention (MTP) did not initially detect it. It’s hard to believe that any antivirus would flag this threat. Additionally, the permission required to perform this is requested by millions of applications, so it wouldn’t tip the user off that something is wrong.”
An attacker can gain access to the device through physical access or by installing a malicious app on the device through phishing, a fake download or some other means. Surprisingly, it is also difficult for victims to spot whether their devices are infected, as the victim may not experience slower performance or crashes.
“Since this is an open-source software package developed and made freely available by Qualcomm, people are using the code for a variety of projects, including Cyanogenmod (a fork of Android). The vulnerable APIs have been observed in a Git repository from 2011, indicating that someone was using this code at that time. This will make it particularly difficult to patch all affected devices, if not impossible. The OEMs will now need to provide updates for their devices; however, many devices will likely never be patched,” states FireEye.