QUADROOTER VULNERABILITY: 900 Million devices Vulnerable

Android struggling to regain its life

QuadRooter!! Exposing over 900 Million Devices vulnerable to attack
Check Point just released an article to the media naming four Qualcomm vulnerabilities "QuadRooter". It says 900 million devices are affected and explicitly names the BlackBerry PRIV as the first device. Qualcomm chipsets are in most (about 65%) Android handsets, so there is a good chance the phone you are reading this on is affected. With QuadRooter, an attacker could build malware into an app, trick you into installing it, and then root your phone and access everything on it. You can imagine how that would be bad, right? Here is the PDF version of the presentation by Adam Donenfeld, Senior Security Researcher at Check Point.



What are QuadRooter vulnerabilities?

QuadRooter is a set of four vulnerabilities that affect Qualcomm chipsets at the driver level:


  • CVE-2016-2503, discovered in Qualcomm's GPU driver and fixed in Google's Android Security Bulletin for July 2016.
  • CVE-2016-2504, found in Qualcomm's GPU driver and fixed in Google's Android Security Bulletin for August 2016.
  • CVE-2016-2059, found in a Qualcomm kernel module and fixed in April, though patch status is unknown.
  • CVE-2016-5340, present in Qualcomm's GPU driver and fixed, but patch status is unknown.


How can an attacker take advantage of it?

All an attacker needs is to write a piece of malware and send it to the victim. When installed, the malware offers the attacker privilege escalation on the affected devices.

According to the researchers, the attack can also be conducted through a malicious app. An attacker needs to trick a user into installing a malicious app that, unlike other malware, would execute without requiring any special permission checks. See what Check Point researchers write in a blog post.


List of popular vulnerable devices

  • BlackBerry Priv
  • Blackphone 1 and Blackphone 2
  • Google Nexus 5X, Nexus 6 and Nexus 6P
  • HTC One, HTC M9 and HTC 10
  • LG G4, LG G5, and LG V10
  • New Moto X by Motorola
  • OnePlus One, OnePlus 2 and OnePlus 3
  • Samsung Galaxy S7 and Samsung S7 Edge
  • Sony Xperia Z Ultra


How to be safe?


  • Download and install the latest Android updates as soon as they become available. These include important security updates that help keep your device and data protected.
  • Understand the risks of rooting your device – either intentionally or as a result of an attack.
  • Examine carefully any app installation request before accepting it to make sure it’s legitimate.
  • Avoid side-loading Android apps (.APK files) or downloading apps from third-party sources. Instead, practice good app hygiene by downloading apps only from Google Play.
  • Read permission requests carefully when installing any apps. Be wary of apps that ask for permissions that seem unusual or unnecessary or that use large amounts of data or battery life.
  • Use known, trusted Wi-Fi networks or, while traveling, use only those that you can verify are provided by a trustworthy source.
  • End users and enterprises should consider using mobile security solutions designed to detect suspicious behavior on a device, including malware that could be obfuscated within installed apps.
  • There has been no evidence that anyone has exploited the flaws yet.

Check whether your device is vulnerable

Check Point released a free version of their app to check whether your device is vulnerable. The app is secure and free; make sure you download it from Check Point's official website. Follow the link to download the app.



References/labels

Defcon 24, Adam Donenfeld, Senior Security Researcher, Check Point, privilege escalation, CVE-2016