Over 900 million Android devices are at risk of getting attacked by hackers due to a set of 4 vulnerabilities dubbed QuadRooter. Researchers at security firm Check Point uncovered the flaws a few months ago when looking into Qualcomm processors.
According to Check Point, QuadRooter affects all Android phones and tablets which get its power from Qualcomm CPUs. If any one of the 4 vulnerabilities is exploited, it will allow attackers to gradually take over a victim’s handset and gain root access. Hackers would simply have to trick people into downloading a malicious app to make this possible.
Worryingly, these apps wouldn’t even require any special permissions to wreak havoc on a person’s device, lessening any suspicions a user might have when installing it. Catch Point has highlighted several flagship smartphones which could be at risk to QuadRooter including the BlackBerry Priv, Google Nexus 6P, Moto X, OnePlus 3, Samsung Galaxy S7, LG G5, and HTC 10.
Once they find a way in, hackers could gain complete control of devices and unlimited access to sensitive data. They may even be able to do things like GPS tracking, keylogging, and recording video and audio. Catch Point claims that it got in touch with Qualcomm and the company subsequently fixed all the flaws.
Qualcomm then sent out patches to customers, partners, and the open source community between April and July this year. While 3 of the flaws have already been resolved in Android’s latest monthly security update, 1 is yet to be addressed. The final patch apparently wasn’t issued in time and will make its way to the public in September.
Millions of Android devices are at risk till then, with Check Point going as far as to state that no one has a device that’s fully secure right now. It’s launched its own QuadRooter Scanner app to help people determine if they’re device is vulnerable to the new threats. The firm is also advising users to refrain from downloading apps outside of the Google Play Store.