Android devices known for their vulnerabilities have recently been reported to be exposed to another potential threat. Serious security flaws are found in the coding of many Android devices, which could give hackers and attackers complete access to the users’ phone data. The software code has been used on more than millions of Android devices and is a potential loophole that needs an immediate fix.
These security backdoors were discovered by researchers at Checkpoint, a leading cyber security firm. The coding was used in software that was operating on chipsets manufactured by Qualcomm. The firm pointed out that these chipsets are found in approximately 900 million Android phones.
The research also noted that this backdoor hasn’t been violated by cyber criminals; however, the potential for such a scenario definitely exists.
Checkpoint’s head of mobility product management, Michael Shaulov observed that such vulnerabilities in the system hold the potential of being exploited in the next three to four months concluding that such zero-day flaws must be patched immediately to avoid data leaks. He further pointed that it took his team at least six months of reverse engineering the code used by Qualcomm.
The vulnerabilities were found in the software that handles the graphics and also in the code that is responsible for communication between various processes existent in the phone.
Bug exploitation by cyber criminals will allow them to slowly take control over the entire device while also having complete access to user data.
Checkpoint researchers fear that such flaws could be employed to craft booby-trapped applications which would then allow them to gradually gain control over the phone. The firm further reported that the information regarding the leak has been passed on to Qualcomm and the company has started issuing patches for the resolution of bugs while also employing the fixed version in its manufacturing processes.
Qualcomm has also released bug patches to phone manufacturers and operators, but it is unclear whether these companies have passed on the patches to their users.
In addition to this, the cyber security firm has released an application (free) named as QuadRooter Scanner which can be used to check whether your device is exposed to any flaws and whether patches for vulnerabilities have been downloaded and installed or not.
Mr. Shaulov commented that in order to maintain your device’s security, applications and games should be downloaded exclusively from the Official Play Store application.