According to the security researchers from Check Point, Qualcomm Snapdragon digital signal processor (DSP) chip has 400 vulnerabilities within it’s code section. This will affect nearly 40% of the global android phone excluding the Apple smartphones.
This vulnerability allows hackers to access the phone’s data like photos, call records, location info, and real time microphone data by installing an app without users permission. Most importantly, you would not able to know that someone is spying on you by tracking your activity.
According to the Forbes report, Qualcomm has already notified all the relevant vendors and patched the vulnerabilities. But the threat will be there until each android phone gets security update.
Yaniv Balmas, Head of Cyber research at Check Point said, “Although Qualcomm has fixed the issue, it’s sadly not the end of the story. Hundreds of Millions of phones are exposed are exposed to this security risk.” Further Balmas says, It can take months, possibly years to mitigate this risk from all the Android device completely.
Although Check Point has publicly informed about this , but it will not reveal the technical details of the vulnerability because that could be a thumbs up for hackers.
Safety Measures for Qualcomm powered phones
- Do not use public Wi-Fi
- Do not install apps from unverified sites
- Update your phone as soon as you get it
A Qualcomm spokesperson has given the following statement to Forbes:
Providing technologies that support robust security and privacy is a priority for Qualcomm. Regarding the Qualcomm Compute DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to OEMs. We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store.