Researchers at Check Point, a security firm, have discovered a set of vulnerabilities in Android devices running on Qualcomm chipsets. Termed as QuadRooter, this issue affects over 900 million units.
So how does it work? First, the attacker has to be able to trick the user to install a malicious app. Once installed, the attacker can then gain full access to the device. This includes not only the data, but also hardware as well (ex: Camera, Microphone). To give you an idea, this issue affects even recent nexus devices and flagships.
Fortunately, Qualcomm has already been notified about this issue back in April. Three of the four vulnerabilities were fixed through monthly Android security updates. Unfortunately, we will have to wait until September for the fix to the remainder.
For the meantime, Check Point recommends following these practices for protecting your device:
Check Point has also released a QuadRooter Scanner app on Google Play. The app checks a device for the said vulnerabilities.
You may read up on Check Point’s full blog post here.