Got an Android phone? Then you're going to want to pay very close attention to any apps you've been downloading of late.
Researchers at security firm Check Point have revealed a set of serious security vulnerabilities in Android phones operating with a Qualcomm chip - which is a lot of Android phones. Like, 900 million of them.
Here's everything you need to know about the security issues, dubbed "Quadrooter".
What is the 'Quadrooter' problem?
Adam Donenfeld, lead mobile security researcher of Check Point, outlined the issues at the Def Con security conference in Las Vegas.
"During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems."
In short, the researchers identified a series of flaws in Qualcomm chips that would allow malicious software (like an app) to gain control of a smartphone without having to first ask permission from the phone user.
Apps usually have to request that a user give them 'permission' to access various features of your phone, from contact lists to your camera.
Because the chip forms the 'root' of the phone's structure, a hacker would be able to take control of every aspect of the phone if they were able to convince a user to download their malicious app.
Which phones are affected?
Loads. Loads and loads. Such as...
- Google's Nexus 5X, Nexus 6, and Nexus 6P
- HTC's One M9 and HTC 10
- Samsung's Galaxy S7 and S7 Edge
- The BlackBerry DTEK50
How do I stop the Quadroot problem?
Well, you can't.
The best thing you can do is ensure you've downloaded your phone's most recent updates and stay far, far away from any app that doesn't come from a trusted source.
A fix is on the way
The research group Check Point notified Qualcomm of the issue, and the company has already sorted out a patch to fix the problem.
Three major flaws have already been removed with updates that have been sent out by smartphone manufacturers in recent weeks, with one final flaw set to be addressed in an update set to arrive in September.
So: download your updates, stay away from weird apps and cross your fingers.