New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
A series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction.

Discovered by security researchers from Tencent's Blade team, the vulnerabilities, collectively known as QualPwn, reside in the WLAN and modem firmware of Qualcomm chipsets that powers hundreds of millions of Android smartphones and tablets.

According to researchers, there are primarily two critical vulnerabilities in Qualcomm chipsets and one in the Qualcomm's Linux kernel driver for Android which if chained together could allow attackers to take complete control over targeted Android devices within their Wi-Fi range.
 
F

ForgottenSeer 72227

Exactly! Anything one human creates another human will defeat even if it takes years.

One could also say that sometimes it's a matter of knowing where to look. From what I can see, before this whole spectre/meltdown fiasco happened, you didn't hear very much about processor vulnerabilities in general. Either they were hard to find, or quite frankly no one was really looking for them (probably a bit of both). However, ever since this whole spectre/meltdown episode, it seems like people are poking around more and more now compared to before.
 
Last edited by a moderator:
F

ForgottenSeer 58943

Years ago when I was working at a major UTM vendor, we were studying something we called 'WLAN Malware' or 'Wireless Malware'. That is, malware that itself is a frequency, injected into the wireless beamform itself to infect a device. At the time, nobody in the general public or even IT circles really believed such a beast could exist. But it can. Later, the same lab was exploring data integrity violations of 60 Hz circuits (electricity). As implausible as it sounds, not only can data be egressed from a location over the 60 Hz line, but data can ingress over it. We examined Ultrasonic Frequencies in use for malware, intrusion, and data extraction techniques and isolated specific ranges of them in use. Many years, even a decade before anything was known about this. We've seen long ethernet runs be used for extraction and infiltration, and in some cases simply destroying equipment with EMI and ATX overloading.

The good news is, there are countermeasures for almost all of this.

You are vulnerable, especially on runs over 10 feet, and seriously vulnerable on runs over 30 feet or more. Fortunately you can use SFTP and ATX shielded cable and use a gas discharge coupler on the ethernet to avoid problems. If you plug anything in to the wall it's vulnerable. Fortunately you can apply Material 31 ferrite to each device cable, Shunt Capacitors on the circuit, and if necessary use an Isolation Transformer before your UPS.

Even then, that is aside from known vulnerabilities, programmed vulnerabilities, exploits, malware and compromised update channels. In effect, it's virtually impossible to guarantee the security of anything anymore.

I suppose you could find an old computer, old NIC, running a highly antiquated OS version and as a general rule have something quite secure and something you can assuredly trust. But who is going to do that? Nobody really. So the net result is - everything is already compromised and most people should work from the assumption that if it is plugged into electricity and/or plugged into ethernet, it's compromised.
 
  • Like
Reactions: Venustus

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Patches were already made available, but, of course, they take forever to make it to other manufacturer's devices besides Google!
Mobile carriers have to test each update and this takes a long time. It's better to buy unlocked Android phones, and preferably a flagship for the better chance of frequent updates.

I know I'll receive the August 2019 patch within 2 weeks of this month.
+ Unlocked smartphone
+ Flagship with 2 years support
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top