This zero-day flaw, invisible to the majority of users, offers an opportunity for cybercriminals to access personal information. The term “zero-day” refers to a security flaw that has not yet been fixed by manufacturers because it was unknown to them at the time of its discovery. In this case, the vulnerability identified in Qualcomm chips is cause for concern. Indeed, this type of defect would be feared in cybersecurity because it leaves a period of time where hackers can exploit the problem before a solution is put in place. The consequences are therefore potentially disastrous for the user.
Be careful if you use WhatsApp on Mac: a security vulnerability has been discovered
Total control in the hands of hackers?
According to experts, the flaw would allow remote exploitation via memory corruption. In other words, malware could write data to an inappropriate location in the device’s memory.
Hackers could then take full control of the smartphone, with the ability to steal sensitive information, spy on users or even install malware without their knowledge.
Who is affected?
Among the affected chips, we find high-end models but also more affordable chips. Chips which are therefore present on devices intended for the general public. The diversity of processors affected also shows the extent of the threat: users of all brands and ranges of phones are affected. Manufacturers such as Samsung, Xiaomi, OnePlus and Motorola are among the companies whose models could be vulnerable. A real time bomb therefore in the Android ecosystem.
Fifth day of pro-Russian cyberattacks in Belgium: media sites, including RTBF and the Belga agency, affected
Currently, Qualcomm has released a list of 64 processor models affected by this flaw. But the question now is how long it will be before the necessary fixes are deployed. In the meantime, users are advised to take precautionary measures: update their phone, strengthen their passwords and be particularly attentive to questionable emails and SMS messages.
Despite everything, there is good news, so to speak. While Qualcomm has acknowledged that hackers have already exploited this flaw, for the moment it appears to be mainly exploited for targeted attacks rather than large-scale offensives.
