A kernel bug in Snapdragon chips may make billions of Android devices susceptible to hacks.A report from The Hacker News has shed light on a major problem with Qualcomm, Inc.’s
Snapdragon chips. Security experts at Trend Micro state that there are some serious programming loopholes in Qualcomm’s “kernel-level” Snapdragon code. Subsequently, in the case this kernel code is exploited, it will allow hackers to have complete control of your device.
Hackers will then have root access to your smartphone. If the intensity of this situation isn’t clear, a hacker with malicious intent will know where you are, snoop through your photos, store your personal details, and in some cases take control of your smartphone.
Qualcomm’s Snapdragon SoCs (systems on a chip) are synonymous with a major chunk of Android devices around the world. Subsequently, the chipmaker also announced its intention to enter the highly lucrative Internet of Things (IoT) and drone market, with related Snapdragon products.
Suffice to say, there are still many smartphones that are running predated firmware, such as Jelly Bean, Lollipop, and KitKat. The current Google OS is Marshmallow, while a much rumored Android N (New York Cheesecake) is making its way to users soon. The Hacker News explains how the issue will be first reported to Qualcomm, which will inform Google, after which the latter will contact the hardware manufacturer, who will then get in touch with a specific network and send an Over-The-Air (OTA) update.
Naturally, this leaves a lot of smartphones unprotected in the face of a forced hacker entry. As per Trend Micro analyst Noah Gamer, Qualcomm’s entry into the vast IoT space will need to be protected from these kinds of vulnerabilities. Subsequently, as users around the world will use these IoT devices, security checks and balances are “absolutely necessary”
Moreover, phones such as Nexus 5, 6, 6P, and Samsung Galaxy Note Edge are devices that are vulnerable, due to Qualcomm’s faulty code. Moreover, these devices have also stopped receiving security updates, so it may be time to upgrade. On the other hand, users who have Google’s Nexus devices, that still receive security updates straight from the tech giant, may be lucky in the foreseeable future.
While Apple Inc. still fights the war on encryption, a vulnerability like this could open up users’ phones to all types of snooping. In any case, we will keep you informed on any update related to this issue.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.