MILLIONS of people around the world have been exposed to snoopers by dodgy microchips loaded into Android smartphones.
According to security experts, vulnerabilities in processors produced by Taiwanese firm MediaTek could have allowed malicious apps to spy on their users.
2
MediaTek, one of the world’s leading chip-makers, last month issued a fix for four bugs disclosed by researchers at cyber firm Check Point.
Its circuitry is found in one in three of the world’s smartphones, including high-end handsets from Xiaomi, Oppo, Realme, Vivo and more.
Check Point detailed the vulnerabilities exposed by its crack team of cyber buffs in a blog post last week.
Three the of vulnerabilities, dubbed CVE-2021-0661, CVE-2021-0662 and CVE-2021-0663, affected MediaTek’s audio digital signal processor (DSP) hardware.
If compromised, the sensitive component could allow attackers to spy on users’ chats and launch additional cyberattacks, Check Point said.
“A successful exploitation of the DSP vulnerabilities could potentially allow an attacker to listen to user conversations and/or hide malicious code,” researchers wrote in their November 24 report.
The fault affected a vulnerability in the AI and audio processing components for recent MediaTek chipsets.
It could have allowed what is called a local privilege escalation attack from a malicious app downloaded from the web or Google Play Store.
That app could get access to AI and audio-related information it shouldn’t have – theoretically allowing it to eavesdrop on device owners.
Fortunately, the vulnerability was not caught being exploited in the wild by Check Point.
The cyber security firm alerted MediaTek to the issues and the Taiwanese giant has since rolled out a patch to protect anyone exposed by three of them.
A fourth was also disclosed by researchers and will be fixed next month. Details are being kept a secret until the bug is patched.
It’s important to make sure your Android device is always up to date with the latest software. You can do that by heading into your device settings.
To check if you were exposed, some Android phones will show you the brand of chip you’re using in the About section in your settings.
2
Cyber expert Zak Doffman explains why you need to remove the Chrome app from your Android phone
In other news, scammers are tricking victims into handing over thousands of pounds by posing as their close family members on WhatsApp.
Samsung is reportedly killing off its beloved Note smartphone after more than a decade.
Apple has announced that it will let customers fix their own iPhones for the first time starting next year.
And, the UK is fighting an epidemic of hack attacks targeting consumers and businesses, according to officials.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk
