LASER_oneXM

Level 33
Verified
A series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction.

Discovered by security researchers from Tencent's Blade team, the vulnerabilities, collectively known as QualPwn, reside in the WLAN and modem firmware of Qualcomm chipsets that power hundreds of millions of Android smartphones and tablets.

According to researchers, there are primarily two critical vulnerabilities in Qualcomm chipsets and one in Qualcomm's Linux kernel driver for Android, which, if chained together, could allow attackers to take complete control over targeted Android devices within their Wi-Fi range.
 

ZeroDay

Level 28
Verified
Malware Tester
I'm lucky my Samsung phone came with the Exynos CPU. But no doubt there will be flaws in all of them; they just either haven't been discovered or disclosed yet. I had an Honor 20 briefly and that Kirin 980 is a beast of a CPU!
 

oneeye

Level 4
Verified
Patches were already made available, but, of course, they take forever to make it to other manufacturers' devices besides Google!

The researchers are giving a presentation at Black Hat this week, so expect their paper to be available in a week or two, after the conference closes.
 

Raiden

Level 13
Verified
Content Creator
Exactly! Anything one human creates another human will defeat even if it takes years.
One could also say that sometimes it's a matter of knowing where to look. From what I can see, before this whole Spectre/Meltdown fiasco happened, you didn't hear very much about processor vulnerabilities in general. Either they were hard to find, or quite frankly no one was really looking for them (probably a bit of both). However, ever since this whole Spectre/Meltdown episode, it seems like people are poking around more and more now compared to before.
 

Slyguy

Level 42
Verified
Years ago when I was working at a major UTM vendor, we were studying something we called 'WLAN Malware' or 'Wireless Malware'. That is, malware that itself is a frequency, injected into the wireless beamform itself to infect a device. At the time, nobody in the general public or even IT circles really believed such a beast could exist. But it can. Later, the same lab was exploring data integrity violations of 60 Hz circuits (electricity). As implausible as it sounds, not only can data be egressed from a location over the 60 Hz line, but data can ingress over it. We examined Ultrasonic Frequencies in use for malware, intrusion, and data extraction techniques and isolated specific ranges of them in use. Many years, even a decade before anything was known about this. We've seen long ethernet runs be used for extraction and infiltration, and in some cases simply destroying equipment with EMI and ATX overloading.

The good news is, there are countermeasures for almost all of this.

You are vulnerable, especially on runs over 10 feet, and seriously vulnerable on runs over 30 feet or more. Fortunately you can use SFTP and ATX shielded cable and use a gas discharge coupler on the ethernet to avoid problems. If you plug anything into the wall it's vulnerable. Fortunately you can apply Material 31 ferrite to each device cable, Shunt Capacitors on the circuit, and if necessary use an Isolation Transformer before your UPS.

Even then, that is aside from known vulnerabilities, programmed vulnerabilities, exploits, malware and compromised update channels. In effect, it's virtually impossible to guarantee the security of anything anymore.

I suppose you could find an old computer, old NIC, running a highly antiquated OS version and as a general rule have something quite secure and something you can assuredly trust. But who is going to do that? Nobody really. So the net result is - everything is already compromised and most people should work from the assumption that if it is plugged into electricity and/or plugged into ethernet, it's compromised.
 

Spawn

Administrator
Verified
Staff member
Patches were already made available, but, of course, they take forever to make it to other manufacturers' devices besides Google!
Mobile carriers have to test each update and this takes a long time. It's better to buy unlocked Android phones, and preferably a flagship for the better chance of frequent updates.

I know I'll receive the August 2019 patch within 2 weeks of this month.
+ Unlocked smartphone
+ Flagship with 2 years support