Researcher finds serious vulnerability in wi-fi chip that billion smartphones is
A beveiligingsonderzoeker has a serious leak is found in a wi-fi chip in smartphones of all kinds of different brands. There are at least 1 billion smartphones in use that have been hacked, could be from the leak.
Investigator Nitay Artenstein of the company Exodus Intelligence discovered a vulnerability in wi-fi chips from Broadcom, which are used in iPhones from Apple and Android phones from well known manufacturers such as Samsung.
Apple has the leak last week resolved with an update. Google brought at the beginning of this month an update to Android phones, although there will be a lot of older devices that update was not received.
The method of Artenstein takes advantage of the connection process with well-known wi-fi networks. Due to a bug in that process, it was possible to have the wi-fi module to take over. Then could the worm, which he developed even further spread to other phones, without the user itself is something needed to do.
According to Artenstein, it was likely also have been possible to then select the ‘kernel’ of the phone, the beating heart of the operating system, to take over. That he has not, however, done. “For a real attacker with the right resources, it would not be a problem”, says the researcher at Wired.
Artenstein, who are research Thursday presented to the hackersconferentie Black Hat in Las Vegas, says that mobile operating systems are getting better to be boarded up against hackers. Therefore, they will focus, according to him, increasingly the weak links in the chain such as the relatively obscure chips in many devices.