A problem with Mediatek chips – which has now been addressed – meant malicious android apps could’ve accessed phone audio.
Millions of Android users have a chip in their phones that could have allowed malicious apps from the app store to eavesdrop on their conversations, a security research team has found.
The microchip that contains the issue is present in about 37% of the world’s smartphones, and Android users were potentially left open to threat actors before the issue was patched.
Stories like this are a reminder that you have to take security into your own hands and bolster your mobile security provisions rather than relying on, say, the company that makes your phone. Anti virus software, for instance, is just as useful on your phone as it is on a traditional computer.
What was the Issue with the Chip?
Mediatek’s System on a Chip (SoC) includes two things, one called an AI Processing Unit (APU) and another called a Digital Signal Processor (DSP). In short, they help with improving media performance and reducing CPU usage in devices that house them.
Checkpoint, the security firm that identified the issue, said in their research findings that they “reverse-engineered the MediaTek audio DSP firmware despite the unique opcodes and processor registers, and discovered several vulnerabilities that are accessible from the Android user space.”
A “malformed inter-processor”, Checkpoint claim, could be used to hide and subsequently execute malicious code inside the DSP firmware, and because the DSP inside a device has access to incoming audio (it processes digital signals), it could be used to listen to the conversations of whoever is near or on the phone.
Interestingly – and quite concerningly – none of the vulnerabilities required interaction with the user to be exploited. However, thankfully, there seems to be little evidence the vulnerability has been exploited in the wild.
The vulnerabilities being tracked were named CVE-2021-0661, CVE-2021-0662, CVE-2021-0663, all three of which were fixed in October.
A fourth vulnerability, dubbed CVE-2021-0673 that was presented in Mediatek Hardware Abstraction Layer (HAL) was also fixed in the same month, but this won’t be announced until December. The researchers at Checkpoint were able to use this to disrupt the hardware inside the Mediatek chip they were analyzing.
Why Android Users Were at Risk
Checkpoint estimates that these vulnerabilities were present in more than one-third of the world’s smartphones.
In the second quarter of this year, around 43% of the smartphones shipped contained the Mediatek Chip, up from 24% from the same period in the year prior.
If a malicious app on the Android store was coded sufficiently, it could, in theory, access the internal AI and related audio data. The flaw is certainly a complicated one and would have taken some significant technical nous to actually achieve it, but it’s entirely possible.
There is a feature on the Google Play Store called Play Protect, which can scan apps on phones to see if there’s malware present, but it’s unclear whether Play Protect would have picked up Apps coded to exploit this vulnerability.
Security Matters – Especially on Phones
Whenever we think of computer viruses, hackers, scammers, and fraudsters, many people’s mind goes to their desktop PC or Laptop. But phones are just smaller computers and are equally as susceptible to malware infections and phishing attacks.
Nowadays, it’s vitally important that you invest in adequate security provisions on your phone as well as the computer you use for working, gaming, and watching Netflix. VPNs, for instance, are one of the most useful pieces of tech you can invest in for your phone – although they’re more of a privacy tool first and foremost.
Antivirus software is available for phones too, which is a good idea to have if you have an Android considering how many Android apps on the Google Play Store have been found to contain malware and used to orchestrate phishing attacks.
As your business grows, safeguarding the applications and systems it relies on involves a unique approach that balances accessibility with cybersecurity. At Raptor IT Consultants, our mission is to establish a foundation for your network resources that empowers users to work efficiently, while offering scalable, managed IT services that complement any business model; affordably. #raptoritnetwork