Security Flaw Leaves Android User Data at Mercy of Hackers

The Quadrooter bug could allow hackers complete access to user information

Security Flaw Leaves Android User Data at Mercy of Hackers
Image: Pixabay
August 8, 2016

A security flaw in the operating system has been discovered on more than 900 million Android phones, potentially leaving user data completely open to hackers.

The bug has been deemed Quadrooter, and it affects chips manufactured by the firm Qualcomm. The vulnerabilities were found in the software that handles graphics as well as in code controlling communication between different servers running inside phones. The bug would allow a hacker to gradually take control of a device and gain complete access to data stored on it.

Although no evidence has been found to date of hackers exploiting these flaws, it may only be a matter of time.

"I'm pretty sure you will see these vulnerabilities being used in the next three to four months," said Michael Shaulov, head of mobility product management at Checkpoint, where the flaws were found. "It's always a race as to who finds the bug first, whether it's the good guys or the bad."

Although Shaulov predicted that it would take at least six months for engineers to fix the problems completely, Qualcomm has already begun to create and distribute patches, though it was not clear how many providers have released the updated software.

Many of the most popular devices running Android are at risk due to the bug. These include the Blackberry Priv, Blackphone 1 and Blackphone 2, Google Nexus 5X, Nexus 6, Nexus 6 P, HTC One, HTC M9, HTC 10, LG G4, LG G5, LG V10, New Moto X by Motorola, OnePlus, OnePlus 2, OnePlus 3, US versions of the Samsung Galaxy S7 and Samsung S7 Edge, and the Sony Xperia Z Ultra.