According to security researchers around 900 million android devices are vulnerable to cyber attacks that exploit four vulnerabilities in software drivers for Qualcomm chips.
Any of the four vulnerabilities can be exploited by attackers using a malicious app to trigger privilege escalations and gain root access to the device.
The researchers said the app would require no special permissions to take advantage of the vulnerabilities so would not arose suspicions.
Senior security researcher at Check Point, Adam Donenfeld, said: “During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems.”
Donenfeld believes gaining access to an Android smartphone or tablet allows attackers to take complete control of the device.
They then have the power to change or remove system-level files, delete or add apps and access the device’s screen, camera, microphone or data.
Chief executive officer at security firm CensorNet, Ed Macnair, said: "Given that BYOD [bring your own device] is now commonplace, a vulnerability in mobile hardware on this scale could be a huge risk to enterprises.
“By having root access to the primary device that many people use on a daily basis for business operations, a hacker basically becomes a superuser. Having unfettered access to company systems is a few relatively simple steps away.”Return to internet news headlines
View Internet News Archive