It is increasingly said that mobile devices, i.e. smartphones, are now on a par with powerful desktop PCs, but the combination is not only valid in terms of performance but also in terms of security.A recent discovery puts millions of users on the alert. equipped with a device with a Qualcomm chip, as some vulnerability flaws in the Hexagon DSP of Snapdragon processors, could allow the attackers of the case to control and spy on an Android phone, as well as make it inaccessible and hide the malicious activities in place.
The study and the discovery in question was carried out by the researchers of Check Point Software Technologies. It should be noted that Qualcomm has already developed the fix patches but the various OEMs have yet to implement them, so it is about 40% of smartphones in the world that are at risk of threat.
Let's first clarify what a DSP is, that is a digital signal processor designed to execute certain sequences of instructions, such as mathematical functions for example, with minimum power consumption. A DSP can be found inside smart speakers, headphones and smartphones precisely, for example by carrying out the decoding of MP3 files and relative action of active noise cancellation.
Trouble for Android smartphones with Snapdragon CPUs: a flaw in the DSP allows you to spy on users
Of course, we have summarized the definition of a DSP to the maximum, but what is important to emphasize is the risk to which Android smartphones equipped with Snapdragon SoC can be exposed. For example, the bad guys can turn our device into a real spying tool, taking information such as photos, videos, GPS position; microphone data in real time etc ..
The device with a Snapdragon CPU on board could become permanently inaccessible thanks to the vulnerability discovered and at best it could simply hide the malicious activities in place, such as malware that would give vent to the hacker's activities.
Without going into the specifics of acronyms and technical names, the vulnerabilities have been classified while for greater security Check Point Research has decided not to publish all the technical details of these vulnerabilities until the mobile phone manufacturers have a complete solution to the possible risks. .
We therefore hope that the producers push on the accelerator in interpreting the patches already released, on their devices.
