The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

900 Million Androids Have Security Risk

12 August 2016 | Updated 01 January 1970

The week ending August 12, saw Check Point disclose details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm chipsets.

The Check Point mobile threat research team, which calls the set of vulnerabilities QuadRooter, presented its findings in a session at DEF CON 24 in Las Vegas.


What is QuadRooter?

  • QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device.

  • Some of the latest and most popular Android devices found on the market today use these chipsets, including:

  • BlackBerry Priv

  • Blackphone 1 and Blackphone 2

  • Google Nexus 5X, Nexus 6 and Nexus 6P

  • HTC One, HTC M9 and HTC 10

  • LG G4, LG G5, and LG V10

  • New Moto X by Motorola

  • OnePlus One, OnePlus 2 and OnePlus 3

  • Samsung Galaxy S7 and Samsung S7 Edge

  • Sony Xperia Z Ultra


How are Android devices exposed to this vulnerability?

An attacker can exploit these vulnerabilities using a malicious app. Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing.

Any Android device built using these chipsets is at risk. The drivers, which control communication between chipset components, become incorporated into Android builds manufacturers develop for their devices. Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm.

This situation highlights the inherent risks in the Android security model. Critical security updates must pass through the entire supply chain before they can be made available to end users. Once available, the end users must then be sure to install these updates to protect their devices and data.


How can I protect employees' devices from attacks using these vulnerabilities?

Without an advanced mobile threat detection and mitigation solution on the Android device, there is little chance a user would suspect any malicious behaviour has taken place.

If exploited, QuadRooter vulnerabilities can give attackers complete control of devices and unrestricted access to sensitive personal and enterprise data on them. Access could also provide an attacker with capabilities such as keylogging, GPS tracking, and recording video and audio.


How can my employees protect their personal devices from QuadRooter?

Check Point continues to recommend that organisations encourage employees to follow these best practices to help keep Android devices safe from attacks:

  • Download and install the latest Android updates as soon as they become available. These include important security updates that help keep your device and data protected.

  • Understand the risks of rooting your device – either intentionally or as a result of an attack.

  • Examine carefully any app installation request before accepting it to make sure it’s legitimate.

  • Avoid side-loading Android apps (.APK files) or downloading apps from third-party sources. Instead, practice good app hygiene by downloading apps only from Google Play.

  • Read permission requests carefully when installing any apps. Be wary of apps that ask for permissions that seem unusual or unnecessary or that use large amounts of data or battery life.

  • Use known, trusted Wi-Fi networks or while travelling. Use only those that you can verify are provided by a trustworthy source.

  • End users and enterprises should consider using mobile security solutions designed to detect suspicious behaviour on a device, including malware that could be obfuscated within installed apps.


For users who use their personal Android devices for work purposes, Check Point also recommends the following considerations:

  • Enterprises should deploy a mobile security solution that detects and stops advanced mobile threats.

  • Liaise with your mobility, IT or security team for more information about how it secures managed devices.

  • Use a personal mobile security solution that monitors your device for any malicious behaviour.

The Check Point mobile threat research team has compiled a report that includes a detailed analysis of each vulnerability and how attackers can exploit these on Android devices. Also available is a free QuadRooter scanner app on Google Play, which can tell you if these vulnerabilities exist on your device.

Picture: 900 million Android smartphones and tablets could already be a security risk


Article written by Adam Donenfeld | Published 12 August 2016


Related Articles

On Trend - Can Hackers Turn The Heat Off?

Ken Munro of Pan Test Partners has written a blog - the original of which and more pictures can be accessed if you Click Here  Munro says he has found...

 Read Full Article
Top 10 IT Security Predictions for 2018

As the headline fact, blatantly states, we have the top ten IT security predictions - courtesy of Ian Kilpatrick.   1. Security blossoms in the...

 Read Full Article
Andromeda Strained - International Cyber Op Dismantles Botnet

On November 29, the Federal Bureau of Investigation, in close cooperation with the Luneburg Central Criminal Investigation Inspectorate in Germany, Europol’s...

 Read Full Article
Action Fraud Helpline Goes Live For Live Cyber Attacks

Action Fraud, the national fraud and cyber crime reporting centre, has launched a 24/7 live cyber-attack helpline. During its pilot since October 2016, Action...

 Read Full Article
NHS Seeks Friendly Fire Power In Cyber War

NHS Digital has announced (Nov 28) a £20m project to boost its ability to support the NHS with its data security - including making funds available to encourage...

 Read Full Article
Uber And The Cyber Nightmare Ride

In an unprecedented move, the National Cyber Security Centre has commented specifically on the Uber data breach - with a coded reference to the fact that Uber tried to...

 Read Full Article
If Dolly Can Be Hacked, What About The Hand Dryer?

  Connected toys with Bluetooth, wi-fi and mobile apps may seem like the perfect gift for Christmas. But Which? has found that, without appropriate safety...

 Read Full Article
Yahoo Cyber Breach Was Bigger

Yahoo has announced (week ending Oct 6) that it is providing notice to additional user accounts affected by an August 2013 data theft previously disclosed by the company...

 Read Full Article
FTSE 350 - General Data Protection Awareness Good

The Government will soon be introducing its new Data Protection Bill to Parliament. With this almost certain to come into effect next May, implementing the General Data...

 Read Full Article
FTSE 350 Cyber Governance Health Check

Britain’s top firms and charities urgently need to do more to protect themselves from online threats, according to new Government research and a ‘cyber health...

 Read Full Article