U.S. chip company Qualcomm has agreed to pay $7.5 million to SEC as settlement over charges of corruption involving Chinese officials. (Photo : REUTERS)
Android users have another exploit to fear dubbed as the Quadrooter which targets virtually all Qualcomm chipsets that have a large market share on available smartphones in the market.
The name is taken from the fact that there are four vulnerabilities that can allow hackers to take the root access in a user's Android smartphone. For those unfamiliar, root access is needed to access, delete or move system files and it could also allow installation of most apps.
Quadrooter can be exploited if a user installs a malicious app on their Android smartphones with a Qualcomm chipset, Droid-life has learned. Once the app or apk file has been installed, the hacker would be able to remotely target their smartphone and gain root access.
Hackers with root access can basically do almost anything on an Android smartphone. They could turn on the camera without the user even knowing that it is on or record their conversations without the user's knowledge.
They can also siphon off the passwords of the accounts used in the installed apps. It becomes particularly harmful if the hacker was able to get the usernames and passwords for the social media and banking apps of the user.
Qualcomm has already released three out of the four patches required to completely fix the Quadrooter problem, Computerworld reported. The last patch is expected to be rolled out in September which is several weeks away and hackers can still dupe some gullible Android users to install malicious apps onto their Qualcomm-powered smartphones.
Manufacturers can already seek out the patch from Qualcomm themselves if they really want to provide the best for their customers. The only reason why it was not globally rolled out yet is because it did not make it to the August security patches.
In order for Qualcomm customers to protect themselves from the Quadrooter exploit, they need to refrain from installing APK files from third-party sites as much as possible. Users who want to try out new apps and games can do so by downloading their official files from the Google Play Store as the search engine giant has a strict process of filtering out malicious files on their app marketplace.
