Researchers have found that Snapdragon series smartphone chipsets from Qualcomm, which is widely being used in Android devices, has over 400 instances of vulnerable code that puts millions of users at risk.
Check Point, a cybersecurity firm has found that the DSP (Digital Signal Processor) used in Qualcomm Snapdragon chipset has the vulnerable code which it is calling “Achilles” and is claimed to impact phones to be used as a spying tool.
An app can bypass the usual security measures and can then access phone’s photos, videos, GPS, and location data, that too without the owner knowing about it. The attacker can also lock the phone with all the data stored, rendering it useless. It can also be used to store unknown and unremovable malware on the device.
The research firm has said that it has notified Qualcomm about its findings, as well as government officials and affected vendors. Given that millions of Android devices are at risk, the company has not published the details about its findings.
EDITOR’S PICK: iQOO 5, iQOO 5 Pro launched with 120W fast charging, 120Hz curved display, and 50MP triple cameras
It is also being reported that Qualcomm has now fixed the issue but the affected devices can only be secured once the phone manufacturers start pushing the relevant updates and security patches to the affected phones, which is likely to take time.
In a statement, Qualcomm said that it has worked hard to validate and fix the issues. It also added that the company has not found any evidence of the Achilles vulnerability being exploited in the wild.
UP NEXT: United States reinforces restrictions put on Chinese giant Huawei’s access to chips and other technologies
