A study reveals that there are more than 400 possible vulnerabilities in Qualcomm’s Snapdragon chips, which are used as CPUs in millions of Android phones around the world.
illions of Android devices are in danger according to a published study by the cybersecurity company Check Point in which they point to a set of critical flaws or vulnerabilities in the Snapdragon chips of the company Qualcomm that are normally used for the processor of mobile phones.
The most serious thing is that these failures can be used to steal personal information from users by downloading a simple video file or other content that is processed by this chip. It is even possible to get access to mobiles without the need to grant permissions to a downloaded app.
Once the attacker has managed to get the user to download the malicious file, they can find out where the mobile phone is being used from, listen to their microphones live and obtain photos and videos stored on the device with great ease and without the user realize nothing.
According to the CheckPoint researchers, although the advantages of the Snapdragon chips are evident due to their low consumption and their processing capacity, their DSP-type architecture has numerous weak points that allow attacking the devices and that make them more vulnerable to attacks. In total, it is estimated that there are more than 400 possible flaws that can be exploited to obtain foreign information and without being discovered.
Although the company responsible for the chips, Qualcomm, has already launched a solution for these failures , so far they have not reached the Android operating system or the devices that use its chips. At the time of this news release, Qualcomm has not yet provided an answer to this dilemma. They have only issued a statement addressed to those responsible for the study in which they indicate that “they have worked to make solutions available to manufacturers” to these failures, although they assure that they do not have “evidence that they are currently being exploited” .
Since Qualcomm is one of the most important chip manufacturers in the world and its technology is present in millions of devices, not only through its Snapdragon processors, but also with other chips; the severity of these failures is immense. According to Check Point, the company’s Snapdragon processors are in 40% of all mobiles in the world and Qualcomm’s technology is present in 90% of mobiles around the world .
At the user level, there is not much you can do to defend against an attack targeting the processor, beyond not downloading files or applications that do not come from safe places, although it seems that even the official application stores count more and more with less filter and it is possible to install malicious apps even from the official Google application store.