New Qualcomm Chip that Permits the Hackers to Monitor Android Devices!

New Qualcomm Chip that Permits the Hackers to Monitor Android Devices!

The researchers disclosed that as per the new security vulnerability present in Qualcomm’s mobile station modems (MSM) that permits the attackers to get the underlying Android OS while slipping the malicious code that remained undetected into the mobile phones.

In case the exploit is vulnerable and may permit the attackers to access the Android OS itself that it works as an entry point that injects the malicious and hidden code inside the smartphone, the execute the further attacks and grants the attackers to access the SMS messages, audio or phone conversations.

Meanwhile, a heap overflow vulnerability is identified as CVE-2020-11292, which initiate the QMI voice service that exposed the modem to the high-level operating system and permits the attackers to exploit the malicious application that deals with the activities and also worked in modem chip as well and make it visible for the security system that was already installed in the device.

These chips are designed in 1990 and assist mobile phones while connecting them to the cellular networks and permit the Android to access the chip’s processor using the Qualcomm MSM Interface (QMI), which works as a proprietary protocol that also enables the communication between the software components present in MSM and another peripheral subsystem that includes the camera and other scanners.

Who is Influenced by this Attack?

New Qualcomm Chip that Permits the Hackers to Monitor Android Devices!

However, more than 40% of the smartphones today that also includes Google, Samsung, Xiaomi, One Plus, and LG are using the Qualcomm MSM chip, an estimated 30% of the devices are using the QMI as per the analysis.

The attacker also added that these vulnerabilities will inject the malicious code that accesses the modem from the Android and give the access to the user devices and they controlled the call history, they can listen to the user conversation, and SMS too. The hacker can also capable to exploit the vulnerability that unlocked the user device SIM card and other overcoming limitations that were imposed by the service provider.

Whereas, the organization spokesperson said that they will support the robust security and privacy is the priority of the company. The organization is willing to take every step which is required while fixing the vulnerability available in OEMs and they will also promote end-users while updating the devices and the patches are becoming available soon and it also deals with CVE-2020-11292 that present in Android Bulletin.

According to the experts, this is not the first time when critical bugs were discovered in the Qualcomm chips. In August more than 400 security issues were discovered by the researcher that is collectively named Achilles.

Although, these cellular modem chips are also used while considering the crown jewels for the hackers that also deal with the chips which are created by Qualcomm. An attack on such an organization is also driven by a negative impact that affects millions of devices situated across the world.

Leave a Reply