Android users have been cautioned about a scarily common security flaw in smartphones. The issue is found inside Qualcomm’s Snapdragon chipsets – one of the most widely used in Android devices worldwide – and can allow hackers to transform your device into a spying tool by activating the microphones. Not only that, but hackers would be able to trawl though the photos and videos saved on your handset as well as siphon off personal data, like GPS and location data. Yikes.
As well as siphoning off location data, spying on conversations using the built-in microphones, and copying photos and videos, Check Point researchers say the vulnerabilities can also be used to install malware on the device and hide it from you. That means crooks could be quietly generating revenue by displaying additional advertisements across your smartphone – and you’d never be able to remove the malware responsible.
The impacted component – the DSP – is a crucial part of the smartphone processor. In fact, it enables a number of the useful features we’ve come to expect from our devices, including HD video recording, Augmented Reality (AR) apps and games, and fast-charging, to name a few. According to Check Point, these features make the DSP a super-efficient component but could potentially open-up more pathways for hackers to control our devices.
Check Point disclosed its findings to Qualcomm, government officials, and the affected smartphone manufacturers before sharing the news with the likes of us.
The researchers will not publicly publish any particulars of the Achilles flaw as millions of devices remain at risk. Qualcomm has purportedly fixed the issue, however, that doesn’t mean your Snapdragon-powered device is necessarily safe. That’s because it’s down to phone manufacturers themselves to push out relevant security patches in software updates – something that tends to take time. If you’re using a relatively new smartphones, chances are, you’ll get the update relatively soon but those hanging on to older handsets might find that they never get the update.
After all, most manufacturers only guarantee security updates for two or three years after the initial launch of the smartphone.
Qualcomm says it has “worked diligently to validate the issue and make appropriate mitigations available” to smartphone makers. So, if there is an update waiting to be installed on your smartphone that you’ve been putting off, you should probably put some time aside to install it as soon as possible.