Qualcomm’s Snapdragon chip used in Android smartphones may have put over 3 billion users globally at risk. CheckPoint security researchers have discovered over 400 vulnerabilities in Qualcomm’s Digital Signal Processor (DSP) chips.
Qualcomm chips are used in over 40% of the smartphone market and are found in phones from different price categories. These also include premium phones from brands like Google, Samsung, LG, Xiaomi and more. CheckPoint tested the DSP chip and discovered over 400 vulnerable pieces of code. If exploited it can allow hackers to turn any smartphone into a spying tool without the user’s interaction.
Hackers can get access to data including photos, videos, call recordings, real-time microphone data, GPS and location data as well.
Hackers can also push a denial-of-service attack which would freeze the phone. This way all the data on the phone will be permanently available. Another potentially dangerous thing is that hackers can inject malware and malicious code on these phones that will not only hide their activities but even make them unremovable.
CheckPoint hasn’t revealed the technical details of how these vulnerabilities can be exploited.
But for Android phone users to be completely safe, mobile phone vendors will have to roll out the security fixes to their smartphones.
‘Regarding the Qualcomm Compute DSP vulnerability disclosed by Check Point.Users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store,’ Qualcomm said in a statement to Bleeping Computer.
The Qualcomm chip security loopholes affect only Android smartphones. iPhones are safe since Apple uses in-house chips. Other than Qualcomm.