Thursday 18 May 2017, Poradnik bezpieczeństwa
Wi-fi hack can take over your smartphone – a gap in Wi-fi module
Lost24
The security experts from Google Project Zero have revealed a vulnerability associated with Wi-fi chipsets developed by Broadcom, currently being used in the Android, iPhone, Samsung, Acer, Motorola, LG, Sony Ericson and Asus devices.
The flaw can be exploited by hackers to gain control over the device. In order to do so the attackers need to be within the Wi-fi range of the affected device to silently take it over. The vulnerability allows to send Wi-fi frames, crafted with abnormal values, to the Wi-Fi controller in order to overflow the firmware’s stack.
High-skilled hackers can also deploy malicious code to take full control over the victim's device and install malicious apps, like banking Trojans and ransomware, without the victim's knowledge.
The Broadcom company was notified about the flaw and was able to provide a necessary fix for Google and Apple devices. Both companies have addressed the vulnerability with an appropriate security updates released via Android Security Bulletin and Apple iOS 10.3.1 update respectively.
The remaining devices are still affected by the vulnerability and still await for the patch.
For the time being the users of the unpatched phones should refrain themselves from connecting to public Wi-fi networks. This simple act does not guaranty a complete security, but it will definitely make it more difficult for the hackers to take over the control of the device.
There are no comments