Hackers Can Record Your Mobile Phone Calls Thanks to Critical Flaw
A new report from security firm
Check Point Research shows how Qualcomm chips can expose your devices to serious security threats. Qualcomm’s Mobile Station Modem (MSM), which dates all the way back to the early 90s, can reportedly be exploited by hackers with ease.
ALSO READ
Qualcomm MSM is commonly used in smartphones with 2G/3G/4G and even some 5G devices at present and it has a critical security flaw. This flaw can be exploited by hackers remotely as easily as sending an SMS text.
Once attackers take advantage of this exploit, they can listen to your phone calls, read all your text messages, and even unlock your SIM card to bypass restrictions placed by carriers. The report adds that around 30% of smartphones in the world use Qualcomm chipsets and are thus potential targets of the exploit.
Bug in Qualcomm mobile chip puts Android users’ privacy at risk
Qualcomm has confirmed the bug and fixed the issue and mobile players are notified, according to the researchers.
By IANS| Posted by Minhaj Adnan | Published: 8th May 2021 1:43 pm IST
New Delhi: Cyber security researchers have discovered a high-risk security vulnerability in Qualcomm mobile chip responsible for cellular communication in nearly 40 per cent of the high-end phones offered by Google, Samsung, LG, Xiaomi and OnePlus.
If exploited, the vulnerability in Qualcomm mobile station modem (MSM) would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations, according to Check Point Research.
A fix is on the way on May 6, 2021, 16:40
Why it matters: There are over 3 billion smartphone users around the world and almost a third of those devices use Qualcomm modems that have a large number of vulnerabilities, allowing attackers to unlock your SIM and listen in on your conversations, among other things. Given the way the vast Android ecosystem works, the fix will take a while to reach all affected devices.
If the BLURtooth vulnerability didn t look particularly worrisome, now we have a new security problem that creates a potential backdoor into a third of all mobile phones in the world, including high-end Android phones made by Samsung, LG, Google, OnePlus, and Xiaomi.
Qualcomm Snapdragon 5G modem flaw puts Android users at risk
JC Torres - May 6, 2021, 8:03pm CDT
Manufacturers and network operators have been pushing 5G technology hard, even throughout a pandemic that forced some industries to stall for a while. Now it seems, however, that one of the most critical pieces of hardware that enables that technology for users might be putting them at risk as well. Qualcomm’s 5G modem reportedly has a very severe flaw that can be exploited through Android, putting potentially hundreds of thousands of users at risk.
The flaw, according to Check Point Research, can be found in Qualcomm’s Mobile Station Modem, a technology that has been around since 1990. It is responsible for many of the modem-related features from 4G LTE and, subsequently, 5G as well. That means that almost every phone that uses a 5G-capable Qualcomm processor is potentially affected by this vulnerability but there is one other element that makes it worse.
Qualcomm s Modem Bug Makes Billions of Android Devices Exploitable May 7, 2021 06:10 GMT
· Comment
A flaw in Qualcomm s Mobile Station Modem (MSM) chip, used in 30% of all mobile devices worldwide, can be exploited from within Android.
Both hackers and researchers are interested in how MSM can be remotely controlled by sending an SMS or a specially designed radio packet that communicates with the device and allows them to take control of it.
However, MSM can also be accessed from inside the system, and that s how Check Point Research decided to approach it (CPR).
The Qualcomm real-time OS, which is secured by the TrustZone, manages MSM on an Android computer. Regardless of whether it is a rooted device, it cannot be debugged or dumped, leaving only a vulnerability as the only way to access the MSM code.