Zero-Day Flaw in Qualcomm Chips Exploited to Attack Android Users

Make use of special symbols, numbers, and characters. Never divulge your passwords to third parties. Don’t use the same password on several platforms. People frequently share these suggestions to make sure you protect yourself and your sensitive information online.

Regretfully, you can take every precaution and yet be in danger. As an example, Qualcomm recently disclosed that hackers had taken advantage of a flaw in 64 of its chipsets to attack Android users.

Chipmaker Qualcomm said recently that hackers had taken advantage of a zero-day vulnerability in dozens of its chipsets, which are included in well-known Android smartphones. A zero-day vulnerability is a security issue that the hardware manufacturer was unaware of when it was exploited.

Officially known as CVE-2024-43047, the zero-day vulnerability “may be under limited, targeted exploitation,” Qualcomm said, citing vague “indications” from Google’s Threat Analysis Group, the company’s research division that looks into government hacking threats. According to Qualcomm, Google’s evaluation was validated by Amnesty International’s Security Lab, which defends civil society against dangers of digital spying and malware.

The Qualcomm vulnerability was added to the list of vulnerabilities that are known to be or have been exploited by the U.S. cybersecurity agency CISA.

There are currently little facts available regarding who was employing this vulnerability “in the wild,” which indicates that the person using the zero-day was focusing on actual hacking efforts. Furthermore, neither who was targeted nor why is now known. 

Qualcomm praises “the researchers from Google Project Zero and Amnesty International Security Lab for using coordinated disclosure practices,” according to Qualcomm spokesperson Catherine Baker, who talked to TechCrunch. This enables the business to release solutions for the issue.

For more information regarding the threat activities, the chipmaker cited Google and Amnesty.

Hajira Maryam, a spokesman for Amnesty International, told TechCrunch that the organization will soon release research on this vulnerability.

According to Google representative Kimberly Samra, TAG does not currently have anything to offer.

“Fixes have been made available to our customers as of September 2024,” a Qualcomm representative stated. The onus now shifts on Qualcomm’s clients, the Android device manufacturers that use the susceptible chipsets, to install the patch on their clients’ devices.

The company’s flagship Snapdragon 8 (Gen 1) mobile platform, which is utilized in dozens of Android phones, including some manufactured by Motorola, Samsung, OnePlus, Oppo, Xiaomi, and ZTE, is one of 64 chipsets that Qualcomm listed as being impacted by this vulnerability in its advisory. This means that millions of users worldwide may be at risk.

However, the fact that Google and Amnesty are looking into the usage of this zero-day under “limited, targeted exploitation” indicates that the hacking effort was probably deployed against a small number of targets rather than many. 

It should go without saying that Qualcomm manufactures a large number of the chipsets found in Android handsets. In addition to its flagship and low-end Qualcomm Snapdragon processors, the business also manufactures modems and smartphone networking components.

Regretfully, given the vast number of chipsets Qualcomm uses in Android smartphones worldwide, news of a zero-day vulnerability in 64 of its chipsets—including the Snapdragon 8 Gen 1 and Snapdragon 888—as well as connectivity modules like the FastConnect 7800, which are present in the Snapdragon 8 Gen 2 and 8 Gen 3—is extremely concerning.

Furthermore, Android smartphones aren’t the only ones that may have been at danger. One of the impacted chipsets is the Snapdragon X55 5G modem, which is used in the iPhone 12 series. However, it’s unclear if iPhone users were specifically targeted.