Millions of Android Devices Potentially at Risk Because of Qualcomm Flaw

A little while ago, a team of researchers from Checkpoint Security has uncovered a total of four vulnerabilities in Qualcomm chips, and it looks like these vulnerabilities could be serious enough to allow hackers to take control of Android devices powered by these chips. The flaws were collectively named “Quadrooter,” and they could affect as many as 900 million Android devices across the world. Even though there’s no evidence at the time of writing these flaws have been exploited, the company seems to believe that it’s only a matter of time before they will be. Michael Shaulov, Checkpoint’s head of mobility product management said that he’s “pretty sure you will see these vulnerabilities being used in the next three to four months.”

The attack would require the user to actually install a piece of malware, but it could also come in the form of a malicious app that would not require special permissions in order to be installed. The actual flaws are related to Qualcomm’s GPU drivers and kernel module, and they could grant the attacker root access to the device should they be exploited. Three of these flaws were fixed with Google’s latest set of monthly security updates, and one more patch is scheduled to come out in September. Until then, you should be extra careful what files you open and what apps you install, even if they appear to be suggested by people from your contact list. Below you will find a list of impacted devices, but keep in mind that this list could be considerably larger.

• BlackBerry Priv and Dtek50
• Blackphone 1 and Blackphone 2
• Google Nexus 5X, Nexus 6 and Nexus 6P
• HTC One, HTC M9 and HTC 10
• LG G4, LG G5, and LG V10
• New Moto X by Motorola
• OnePlus One, OnePlus 2 and OnePlus 3
• US versions of the Samsung Galaxy S7 and Samsung S7 Edge
• Sony Xperia Z Ultra