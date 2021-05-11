The hacker introduces the malicious code through a rogue app, which takes advantage of a flaw in the MSM modem

This allows the intruder to access the calls and conversations of the mobile, he can even unlock the SIM card

The ruling affects around 30% of Android mobiles internationally

Nowadays our whole life is condensed in our mobiles: we watch series, we look for information for work and we buy through them. Therefore, it is more important than ever to protect them from possible external attacks and to be attentive to possible vulnerabilities on our device. A failure that has been known recently is that of the mobile processors produced by the American company Qualcomm, what would allow cybercriminals to listen in on calls or read conversations of those affected.

The Israeli Security Firm Check Point Research, was the one that discovered this defect in more than 30% of Android phones internationally, since Qualcomm has numerous contracts to provide processors to brands such as LG or Samsung, which use this operating system.

How Cybercriminals Access My Private Information

The error, which has been assigned the code CVE-2020-11292, is present in an element of Qualcomm processors, the so-called mobile station modem (MSM). For communication between the components of the MSM software and other subsystems of the phone, such as the camera or the fingerprint reader, Qualcomm uses a proprietary interface, known by the acronym QMI.

As Check Point Research has warned in a statement, hackers pThey might use the Android operating system as an entry point to inject malicious code -with a fake app downloaded by the user, for example-, through this QMI interface.

Here is added the problem of Android Play Store, whose applications pass fewer security inspections than those of other operating systems such as Apple’s iOS. With which it is much easier for a cybercriminal to create an app with malicious code and enter the mobile through it.

Once the hacker breaches the security barrier, this would give him access to both call history and SMS and conversations, and could even take advantage of it to unlock the SIM, thus overcoming the limitations imposed by the service providers.

Qualcomm assures that it has solved the problem, and sent a “patch” to the mobile brands with which it works to correct the failure. Therefore, the most recommended if you have an Android mobile is update it to the latest version of the operating system. However, it should be noted that the failure is not yet recorded in the National Institute of Standards and Technology (NIST) incident database.