Skip to content

A new vulnerability in 40% of smartphones may allow hackers to listen to phone calls

A new vulnerability in 40% of smartphones may allow hackers to listen to phone calls

A vulnerability found in nearly 40% of all smartphones could allow hackers to access users’ call and text history and even listen to phone conversations.

Security firm Check Point Research (CPR) found the security flaw classified as CVE-2020-11292 in Qualcomm’s mobile station modems (MSM), the chip used for cellular communication in many mobile phones, including those manufactured by Google, Samsung, LG, Xiaomi, and OnePlus. 

Designed to support advanced features in high-end phones

CPR said that many mobile phone makers now rely on third parties such as Qualcomm to produce hardware and software for their phones amid demand for these devices. More than 3 billion people worldwide now use mobile phones, and the number is expected to rise in the coming years.

Qualcomm designed MSM for high-end phones to support advanced features such as 4G LTE and high definition recording. 

“MSM has always been and will continue to be a popular target for security research and for cybercriminals. After all, hackers are always looking for ways to attack mobile devices remotely, such as by sending an SMS or a crafted radio packet that communicates with the device and has the ability to take control of it,” CPR wrote in a blog post.

Securing mobile devices

A Qualcomm representative told Tom’s Guide that CPR’s attack scenario would require breaking into Android security first, which means that a successful exploit would already give the attacker access to the mobile phone user’s text and call information. 

The representative said that Qualcomm will publicly include a fix for the vulnerability in the June Android security bulletin next month.

“Qualcomm Technologies has already made fixes available to OEMs in December 2020, and we encourage end-users to update their devices as patches become available,” the Qualcomm representative said. 

CPR said that mobile phone users should observe security best practices to safeguard their devices from attackers.

It said that phones should always be updated to the latest version. It also advised users only to install apps from the official app stores, install a security solution on their devices, and enable “remote wipe” capability on their device to minimize the possibility of losing sensitive data.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in 70+ cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10.

  • Copy top-performing traders in real time, automatically.

  • Regulated by financial authorities including FCA and FINRA.

2.8 Million Users
eToro is a multi-asset investment platform. The value of your investments may go up or down. Your capital is at risk. eToro USA LLC does not offer CFDs, only real Crypto assets available. Don’t invest unless you’re prepared to lose all the money you invest.

Read Next:

Weekly Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts