Over One Billion Android Phones May be At Risk of 400 'Achilles' vulnerabilities - It Lets Hackers Turn Handsets Into Spying Tools

Android, qualcomm

Researchers at CheckPoint discovered over 400 vulnerabilities(pieces of code) within the Digital Signal Processor(DSP) chips found within Snapdragon chips that are used in hundreds of millions of Android Devices.
With many Android users having the largest market share, they are at risk – it has been found that Apple/iPhone users aren’t affected because Apple provides its own processors.

Experts at CheckPoint say users only need to install what seems like a benign app but it is full of malicious code that can enable hackers to launch an attack and get their way through to every information on your phone.

The head of Security at CheckPoint, Yaniv Balmas, boldly says that "You can be spied on and that you can lose all your data." Smart Phones have become the current day laptops because almost everything can be done using phones that is done on laptops/desktops.

The Snapdragon chip can be found in leading phone products like Google, Samsung, Xiamo, LG and OnePlus. 

What the ‘Achilles’ Exploit does?

  • It can turn your smartphone into "a perfect spying tool".
  • Possible actions that can be taken include stealing photos, videos, GPS/location data and even real-time microphone data.
  • Targeted denial-of-service attacks could be performed.
  • Malware/malicious code could be discretely hidden on the device, after-which it wouldn't be possible to remove it.

What Qualcom did? 

The makers of the Snapdragon Chips Qualcomm issued a statement regarding Check Point's findings:

“Providing technologies that support robust security and privacy is a priority for Qualcomm. Regarding the Qualcomm Compute DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to OEMs. We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store.”

What to do?

DICTS encourages, all staff and students using the Android Smartphones to update their phones now with the latest patches, don’t wait to be hacked, act now.
 

© 2022 All rights reserved - Directorate for ICT Support (DICTS) - Makerere University

Available Office Time: 8:00am - 5:00pm (Monday - Friday)

Service Desk - https://support.mak.ac.ug

Email: helpme@dicts.mak.ac.ug
Phone: 0414 531343/437
Hours: 9:00am - 5:00pm