Snapdragon Achilles Flaw Affects Android Phones
Snapdragon Achilles Security Flaw
Over a billion Android phones are vulnerable to a newly discovered security flaw dubbed Snapdragon Achilles. Researchers found more than 400 vulnerabilities in Qualcomm’s Snapdragon chip. Smartphones from manufacturers such as Samsung, Asus, LG, Google, and OnePlus all use the Qualcomm solution. This is such a popular chip that it could affect over 1 billion devices!
What is a Snapdragon Chip?
Qualcomm supply their Snapdragon chip to a large proportion of Android smartphone vendors. Snapdragon is a DSP (Digital Signal Processor). A single DSP chip may include features that a typical user will access every day:
- Smart and quick charging.
- Multimedia functions, such as HD video, streaming, and Augmented Reality (AR).
- Audio processing.
These chips also power other devices such as wearables, tablets, smart-home systems, and specific automotive systems, which can also be affected.
What Are The Snapdragon Vulnerabilities?
A security specialist called Check Point published the findings of their research in early August 2020. Their study found over 400 security vulnerabilities in the Snapdragon chip. They have aptly named it “Achilles.”
They found more than 400 vulnerable pieces of software code on the DSP chip. While they have not directly associated the chip with specific malware or virus attacks, they have published the fact that these flaws can lead to attacks such as:
- Attackers may be able to access the phone without user intervention. An attack can allow access to photos, videos, GPS, and location data. Particularly worrying are real-time functions such as the microphone. The phone is now the ultimate spying tool.
- Attackers may be able to make the smartphone completely unresponsive. No matter what a user does, they will not be able to access the phone or their data.
- Malware, viruses, and other cyber-attacks may be able to run in a completely undetectable way. They could become permanent and un-removable.
Is Snapdragon Achilles Easy to Fix?
Check Point has (rather sensibly) decided not to publish the specific details of the exploits publicly. Posting this information can lead to a considerable risk of bad people doing bad things! Qualcomm has been informed and is releasing a new SDK and a new compiler. They will be working with each manufacturer who will be responsible for patching their own devices.
Qualcomm has found no evidence of hackers using these flaws. So, Check Point has raised the flag early enough for everyone to act.
To be safe, users should ONLY download apps from trusted locations such as the official Google Play Store. Doing so is the best safeguard to try and ensure devices are secure.
Can Fortress Help?
Well, our comprehensive suite of protection features is always helpful to ensure your devices are secure from threats. However as a hardware-level problem, Snapdragon Achilles is something that only manufacturers can resolve. Our malware scanner will keep an eye on many threats and our Safe Site feature will ensure you know when you’ve hit a website that is unsafe.Return to News List