Software Bug Put Several MediaTek Powered Android Smartphones Vulnerable to Attack

Software Bug Put Several MediaTek Powered Android Smartphones Vulnerable to Attack

Learn how to encrypt Android or iOS devices and stay protected
10 Best Android Hacks And Tweaks You Can Do Without Rooting Your Phone
Hidden code in Android Nougat will stop ransomware from resetting lockscreen passwords

If you own a Android device which is powered by MediaTek chipsets, then your device is vulnerable to cyber attack. Yes recent reports officially confirms that a software bug in MediaTek powered Android smartphones made them vulnerable to attacks.

Also Read : Google Confirms Security Issue in the Mainline Linux Kernel is Not a Major Threat for Android

LogBook : MediaTek Powered Android Devices Vulnerable to Attack

MediaTek has officially confirmed the existence of a software bug that has put several MediaTek powered Android devices at risk.

The vulnerability was originally reported by security researcher Justin Case earlier this month, the bug could potentially allow an attacker to enable root access on a vulnerable device.

Back on January 13th, Case reported to MediaTek the issue at hand. At that time, MediaTek responded that they are working on a patch and expect it to be ready shortly.

Also Read : ISIS Offering $10,000 To Indian Hackers To Steal Government Data

These comments were made over Twitter due to MediaTek’s lack of a security concern email and/or comment form. They’d be following up with their “Product Security Taskforce”, so they said.

Explaining the vulnerability, Case told Gadgets360 that MediaTek software has a “backdoor” that allows a user – or a malicious app – to enable root access. “Root user could do many things, such as access data normally protected from the user/ other apps, or brick the phone, or spy on the user, monitor communications etc,” – Case said

MediaTek explained that the vulnerability stems from a debug feature that the chip-maker said smartphone manufacturers should have disabled before shipping the devices and told that  that the vulnerability exists on devices running Android 4.4 KitKat.

“We are aware of this issue and it has been reviewed by MediaTek’s security team. It was mainly found in devices running Android 4.4 KitKat, due to a de-bug feature created for telecommunication inter-operability testing in China.”

“After testing, phone manufacturers should disable the de-bug feature before shipping smartphones. However, after investigation, we found that a few phone manufacturers didn’t disable the feature, resulting in this potential security issue.” – MediaTek Spokesperson

The bug is noted to reside in many MediaTek powered Android smartphone but MediaTek declined to specify the smartphone models and the number of handsets that are impacted.

MediaTek says that the patch is on the way, so if you own a MediaTek powered Android smartphone, it would be prudent for you to keep a watch on strange behaviour in your smartphone.

Also Read : NSA Chief Hacker Explains How To Avoid NSA Spying

COMMENTS

WORDPRESS: 0