Security News It's 2017 and you can still pwn Android gear with Wi-Fi packets – so get patching now

Solarquest

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
A security researcher has turned up new ways to silently hijack and infect Android devices via malicious Wi-Fi packets over the air.

Scotty Bauer, a Linux kernel developer, described in detail on Monday how he found a bunch of exploitable programming blunders in the qcacld Wi-Fi driver that supports Qualcomm Atheros chipsets. These chips and their associated driver are used in a number of Android phones, tablets, routers, and other gizmos, including some Pixel and Nexus 5 handhelds, for wireless networking.

In an effort similar to Gal Beniamini's work scrutinizing Broadcom's insecure wireless technology, Bauer went looking for low-level remote-code-execution vulnerabilities in Google-powered gadgets, found them, and reported them so they can be addressed.

The result of that effort is some juicy security fixes that were released on Monday by Google. These need to be installed on vulnerable Android devices to protect them from attacks leveraging the now-documented bugs.

Essentially, it is possible vulnerable Android gizmos can be secretly commandeered by nearby hackers via Wi-Fi due to flaws in the aforementioned wireless driver code, originally developed by Qualcomm Atheros. So check for updates from Google, via the Settings app, and install this month's Android security updates if or when they are available for your devices.
Bauer explained that since Qualcomm uses a partial SoftMAC – that is, at least some of the MAC layer is implemented in software – “the source code for handling any sort of 802.11 management frames must be in the driver and is thus available to look at.” In other words, it is possible to study the code and figure out the right management frames to send to a nearby victim's device to trigger the execution of malicious code, leading to crashes or the installation of spyware.
...
...
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top