Android Users Vulnerable to Remote Hacking

Google’s Project Zero, a well-known group of security researchers, recently issued a warning to Android phone users regarding the use of Wi-Fi calling.

The team confirmed that Samsung’s Exynos chipsets contain multiple vulnerabilities that enable “internet-to-baseband remote code execution,” which means hackers could potentially take remote control of certain Android phones.

Google’s Project Zero Warns of Android Vulnerabilities

The Google Project Zero team found multiple flaws in Samsung Exynos chipsets. Four of them could let hackers remotely compromise certain Android devices using only their phone numbers.

These software flaws, known as zero-day vulnerabilities, have not yet been protected by a patch.

If left unchecked, skilled attackers could rapidly develop an operational exploit to compromise affected devices without being detected. Samsung has only released updates for a subset of the affected devices, leaving users vulnerable.

The remaining fourteen vulnerabilities discovered by Project Zero were deemed to be less severe. However, it is imperative to remain vigilant and take the necessary precautions to protect your devices from such attacks.

Protecting Your Android Phone from Potential Attacks

While Google’s Smartphones already have received a fix for the vulnerabilities, Samsung has only issued a patch for a portion of the vulnerabilities.

Affected devices may also include automobiles with an Exynos Auto T5123 chipset. Google advises Android users who have not recently updated their phones to disable Wi-Fi calling and Voice-over-LTE in the interim (VoLTE).

Wi-Fi calling and VoLTE are features that enable users to make calls and send text messages even when they are not connected to cellular service, by utilizing Wi-Fi networks or the LTE network instead.

By deactivating these features, users can prevent potential hackers from exploiting these vulnerabilities.

The Project Zero team recommends that users update their phones as soon as new patches and software are released to prevent potential attacks.

This article appeared in Right Wing Insider and has been published here with permission.