According to researchers at the security firm Check Point, all Android devices are going to suffer from a new flaw. Known as QuadRooter, the flaw is a mix of four vulnerabilities that will affect Qualcomm-powered Android devices. There are more than 900 million Android smartphones and tablets with Qualcomm chipsets. The flaw affects the top-end and most secure devices such as Samsung Galaxy S7 and BlackBerry DTEK50 as well. It can attack any smartphone with Android as OS and Qualcomm as a processor. It is worth mentioning that QuadRooter flaw affects almost a billion Android-powered devices.
What is QuadRooter?
In its blog post, Check Point explains QuadRooter – It is a set of four vulnerabilities affecting Android devices with Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device.
Security Patches by Qualcomm and Google
Surprisingly, Qualcomm was intimated about the security flaw in April, this year. The fault appeared in company’s software drivers. If misused, the security defect can provide intruders full control of affected Android device. It can also provide access to personal and business information. Hackers can take advantage of the flaw by tricking users into downloading a malicious app. The installation of such app does not even require special permissions, which makes hacker’s job easier. The app grants hacker with a complete takeover of the device and lets them fetch sensitive information.
To clarify the issue, Qualcomm stated that it had fixed all the open end vulnerabilities, and the security patches were handed over to the manufacturers. Google has included the fix for three vulnerabilities in the recent Android monthly security update. But one issue is still lingering, which will be cured in the September security update by Google. Also, as stated by Qualcomm, its clients already have the fixes, and they might roll it out soon.
How to scan for QuadRooter on your phone?
Thankfully, Check Point has launched a QuadRooter Scanner app on Google Play. This app would allow users to scan their device for vulnerabilities. The app thoroughly examines the device and notifies the user whether there are vulnerabilities or not.
In a blog post, Check Point wrote that smartphones such as Google’s Nexus 5X, Nexus 6, and Nexus 6P, HTC’s One M9 and HTC 10, and Samsung’s Galaxy S7 and S7 Edge are among many devices that are vulnerable to QuadRooter.
What we recommend?
Now that the issue is out in the open, we would like to advise our reader to be smart with their device usage. Here are a few things that you should keep in mind to steer clear of hackers:
- Do not install fishy apps
- Make sure that you go through app reviews and rating on the Play Store before installing any app
- Please check the app requirements before installing it
- Avoid installing third-party apps
As they say,”Prevention is better than cure” – we recommend you to keep your device safe and follow the aforementioned tips.