More than a billion Android users at risk from ‘Achilles’ vulnerability that could turn phones into spyware


Up to a billion Android smartphone users are at risk. (Getty)

More than a billion users of Android devices risk hackers taking over their phones and making them unusable – or turning them into spying tools.

Security researchers at Check Point analyzed popular Qualcomm chips used in up to 40% of smartphones and found 400 serious vulnerabilities in the code.

When exploited, the vulnerabilities could allow hackers to gain access to private information such as photos and emails, or render devices unusable.

Hackers could also use malware to make their attacks completely invisible to device owners, the researchers warned.


The Qualcomm ‘system on a chip’ products can be found in popular smartphones from companies including Google, Samsung, Xiaomi, LG and OnePlus, Check Point said.

The company said it had informed Qualcomm of the vulnerabilities but, to protect the public, did not disclose the details.

Yaniv Balmas, head of cyber research at Check Point, said: “You can be spied on. You can lose all your data.

“If such vulnerabilities are found and used by malicious actors, they will find millions of mobile phone users who have almost no way to protect themselves for a very long time.”

In a blog post, the company wrote: “More than 400 vulnerable pieces of code were found in the DSP chip we are testing, and these vulnerabilities could have the following impact on users of phones with the affected chip.


“Attackers can turn the phone into a perfect spyware, without any user interaction required. The information that can be filtered out of the phone includes photos, videos, call recording, real-time microphone data, GPS and location data.

“Attackers can constantly leave the mobile phone unanswered – making all information stored on this phone permanently unavailable – including photos, videos, contact information, etc. In other words, a targeted attack of service.

“Malware and other malicious code can completely disguise their activities and become irreplaceable.”