A vulnerability in a chip manufactured by $60 billion market cap Taiwanese tech giant MediaTek left a third of all of the world’s smartphones and internet of things devices open to remote snooping of phone calls and spying via the device microphone, researchers have claimed.
The problems lay in the part of MediaTek chips that handle audio signals, according to researchers at Israeli cybersecurity company Check Point. For a remote attack to work, a hacker would need to first have malware installed on the target Android phone, or smart device, or find some way to access the MediaTek audio firmware. Once installed, the malware could write malicious code to device memory by exploiting the ways in which the audio processor worked with Android. It would then have been possible to “steal the audio flow” on the device, allowing the hacker to eavesdrop on an Android user or install more malicious code on the device.
“Left unpatched, a hacker potentially could have exploited the vulnerabilities to listen in on conversations of Android users,” said Slava Makkaveev, security researcher at Check Point.
The three distinct vulnerabilities were addressed by MediaTek in October, though users have been advised by Check Point’s researchers to check with their phone manufacturer, if they believe they have not received an update. MediaTek chips can be found in smartphones made by Android phone giants like Xiaomi and Oppo.
MediaTek, reportedly the largest supplier of mobile chips in the world, had not responded to requests for comment at the time of publication. But in a release from Check Point, MediaTek’s product security officer Tiger Hsu said: “We worked diligently to validate the issue and make appropriate mitigations available to all [original device manufacturers]. We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store.
Check Point told Forbes it had disclosed the issues to both Google and Xiaomi, as well as MediaTek, leading to the fixes. The researchers believe that most users are protected as Android phones download security updates automatically or prompt users to do so.
Such weaknesses allowing remote control of Android devices show up commonly in Android phones, though chip-level issues are rarer. Check Point claims this is the first time anyone has researched the MediaTek audio software, representing an entirely “new attack vector to gain privileges from an Android app.”
In August last year, Check Point found weaknesses in Qualcomm Snapdragon chips, also leaving around 40% of all global smartphones vulnerable to snooping.