Security Android has always been in serious doubt. Despite the fact that in recent years Google releases monthly security patches, firstly, not all receive them, and, secondly, they are focused only on fixing system bugs and vulnerabilities, without affecting those hidden in the firmware of processors . And, meanwhile, it is they who turn out to be the most dangerous, because they cover many more devices, and they are corrected much more slowly, requiring a special approach. You don't have to go far for examples.
Android is constantly at risk of being hacked, sometimes not even through Google's fault
A series of several critical vulnerabilities was discovered in Qualcomm processors, affecting about 40% of all Android devices in the world. They are hidden in the sections used for audio and digital image processing. With their help, attackers can create undetectable malicious programs that can spy on users of vulnerable devices, copy and upload their personal data to remote servers, and actually control them regardless of the owners' will.
Vulnerabilities in Qualcomm processors
Snapdragon processors are at risk due to the mass of critical vulnerabilities
The vulnerabilities in question can be found in almost every smartphone on the planet running Android. The price category, brand and model do not matter. Gaps are found in devices from Google, LG, Samsung, Xiaomi, OnePlus and other manufacturers. But iPhone are invulnerable, because although they work on the basis of processors built on the basis of the same architecture as the Qualcomm solutions, they have corrected the described shortcomings. Therefore, nothing threatens their owners, '' said Check Point experts who discovered the vulnerabilities.
According to Qualcomm representatives, they already know about the existence of vulnerabilities in their processors and have fixed 6 of them. Moreover, the company has no evidence that hackers have exploited these vulnerabilities in any way. This suggests that updates with bug fixes were released before the attackers could find out about the possibility of hacking most modern smartphones. True, it still didn't go without problems.
How to protect Android from hacking
Even if you haven't received the update yet, there are some preventive ways to protect against hacking.
Due to the fact that Qualcomm does not have the ability to independently distribute updates to devices that run on its own processors, their release for each of the vulnerable devices depends on the promptness of their manufacturers. The fact is that they will have to, having received the source codes of the updates, adapt them in a special way for their smartphones and tablets in order to avoid conflict with the standard mechanisms of proprietary shells. And since this takes time, not to mention the fact that many vendors do not even bother with adapting patches, it is obvious that the updates have not reached all users.
In this case, Qualcomm has prepared a few practical tips to avoid getting malware that could exploit the detected vulnerabilities on your device:
- Enable auto-update and do not neglect any update that arrives on the smartphone – they may contain fixes for critical bugs and vulnerabilities that ensure the protection of personal data.
- Download software only from Google Play and avoid using alternative application directories, because Google's verification method, although not perfect, still minimizes the likelihood of malware penetration.
- Do not give applications any permissions to the right and left, even if they require them and send notifications that they will not be able to work properly. In this case, it is better to treat the request critically and think about why the calculator might need access to SMS.
Frankly speaking, owners of smartphones Samsung, OnePlus, Google Pixel and partly Xiaomi can feel the safest in this situation. The fact is that these manufacturers are as responsible as possible in the process of adapting monthly security updates, trying to release them as soon as possible so as not to expose users to the danger of hacking. For the rest, unfortunately, things are frankly so-so with their quickness and care for clients.