If you follow tech news you’ve probably already read about the new major Android vulnerability discovered by the security firm Check Point.
As expected, a general hysteria got hold of the tech world and it wasn’t long before everyone was expressing their opinion on the subject. Since a lot of information has been thrown in the name of big headlines, here’s some facts about the new set of Android vulnerabilities – QuadRooter.
What is QuadRooter ?
Check Point‘s researchers found a set of four vulnerabilities that affect Android devices built on Qualcomm’s chipsets.
Theoretically, a skilled attacker that could exploit on any of these vulnerabilities would trigger privilege escalation and gain root access to your device. The best way to do that is by using a malicious app. Because no special permissions are needed in order to exploit these vulnerabilities, a malicious app could potentially make its way to your device without raising any suspicions.
Once a hacker has root access to your device it’s basically Game Over. At that point, he would have complete control over your phone functions, apps and any credit card information you might have on the device.
Is my device affected by QuadRooter?
Most likely. Since Qualcomm has the biggest market share of LTE chipsets (65%), it is estimated that close to 900 million Android devices (smartphone & tablets) are affected by this vulnerability.
Just to give you an idea of the scale, here are some of the latest flagships that are vulnerable to QuadRooter:
- Samsung Galaxy S7 and S7 Edge
- Sony Xperia Z Ultra
- LG G4, G5, and V10
- HTC One M9 and HTC 10
- BlackBerry Priv
- Google Nexus 5X, 6 and 6P
- OnePlus One, OnePlus 2 and OnePlus 3
- Motorola Moto X
- Blackphone 1 and Blackphone 2
And this is just the tip of the iceberg. Any Android device that was built with a Qualcomm chipset is at risk.
If you’re not sure on the chipset that your phone uses, download Quadrooter app and see if you’re directly affected by any of the four vulnerabilities.Download QuadRooter Scanner
Warning ! Stay away from other copycats in Google Play. Use QuadRooter Scanner from Check Point Labs to see if your device is really affected.
Won’t Android manufacturers release a fix?
They will eventually, but things are moving very slow. Qualcomm has already developed a series of patches covering all four vulnerabilities and made them available for all their customers and partners.
Google stated that three of the four vulnerabilities are already protected on their Nexus devices. The remaining vulnerability will be addressed in the next security update.
In addition, updates are already being developed for Google Play, Verify Apps, and Safety Net. This will provide an additional layer of protection for the users.
Since the Android ecosystem is highly fragmented, it’s impossible for all users to get patches at the same time. The timeframe in which you’re going to get a fix will depend on the speed with which your manufacturer and mobile operator will push it out.
Because there are hundreds of thousands of different Android devices on the market, and almost all of them are affected, it’s absurd to expect that everyone will get a fix immediately.
If you own a popular device, chances are you’ll be protected soon enough. But if you’re not, be very careful about what app you choose to install on your device. QuadRooter can pass Google Play’s security service and as a result, a hacker can upload a new app capable of gaining root access to your device and wreak havoc. Keep your device secure by avoiding sketchy new apps altogether.