The Latest News.

- Advertisment -

MediaTek chip flaws make millions of Android smartphones vulnerable to spying

- Advertisement -

Cybersecurity researchers have uncovered multiple security flaws in chips made by Taiwanese manufacturer MediaTek(opens in new tab) found in 37% of the world`s smartphones, warning that some could be chained together to enable attackers to eavesdrop on unsuspecting users. Check Point Research (CPR) found the security flaws inside the audio processor that`s used in all modern MediaTek mobile chips. CPR explained that MediaTek chips contain a special AI processing unit (APU) and audio Digital signal processor (DSP), both of which have custom microprocessor architectures.

An app with system privileges can send specially crafted messages to the audio driver to execute code in the audio processor’s firmware and capture audio as it passes through the DSP. “In summary, we have demonstrated an entirely new attack vector that can exploit Android APIs. Our message to the Android community is to keep your devices updated to the latest security patches to stay protected.” , said Slava Makkaveev, a security researcher at Check Point Software. Both CPR and MediaTek claim that they have found no evidence of this vulnerability being exploited in the wild.

In order to find the degree to which MediaTek DSP could be used as an attack vector, CPR reverse engineered the MediaTek audio processor to reveal several security flaws. Explaining how a threat actor could exploit the security vulnerabilities, CPR says a hypothetical attack would begin with the user installing a malicious Android app, which uses the MediaTek API to attack a library that has permissions to talk with the audio driver.

- Advertisement -

News Summary:

NewsMediaTek chip flaws make millions of Android smartphones vulnerable to spying

Disclaimer: We want to be clear that the information on, including news, articles, reviews, and opinions, is intended for reading and knowledge purposes only. While we strive to provide accurate and up-to-date information, opinion and news, we cannot guarantee the completeness, accuracy, reliability, suitability, or availability of any information. Read more

Follow us on
Google News
- Advertisment -