A new security bug has exposed android phones to hackers

by Marty Carlson

CBS news and multiple other sites have reported today that researchers are warning that a software issue can leave your android phone vulnerable to hackers. FireEYE, a security firm, wrote in a blog post Thursday that a software package from QUALCOMM has a flaw in it that to give hackers a backdoor into your phone where they could read messages and call history’s.

The virus, called CVE-2016-2060, was discovered when QUALCOMM the chipmaker, had provided new APIs to developers that was part of a system network manager. Apparently those APIs were actually part of another system which open the vulnerability.

QUALCOMM has reportedly issued a patch to fix the vulnerability.

For the phone’s data can be accessed through the flaw an attacker would either have to have physical access to an open android device or the availability to the phone to install a malicious app.

Reports from FireEye say that this malware could flow through the phone without setting off any type of security alarms.

Places like Google play will not flag it as malicious, and it’s hard to believe that any antivirus would flag it as a threat. In addition, the permissions required for this virus to be activated to be done through millions of different types of applications and wouldn’t tip off the user of what has happened.

When asked how many devices were at risk the security firm said there is no definitive answer but, but it sounded like it could’ve been a large number of android phones using that QUALCOMM software.

QUALCOMM is said it has put out a patch for the issue and has notified customers of the flaw. Personally I believe I have one of those forms and I have received no notifications.

In addition, FireEye has reported that despite the patch that many devices will never be part properly protected.

Here the android security Bulletin: https://source.android.com/security/bulletin/2016-05-01.html

I suggest you contact your service provider and talk to them about where you can locate the fix for the android phone as I’ve not been able to find anything on the QUALCOMM site myself.