More Than 3 Bill Smartphones Users Are At Risk

In this episode of The Cybersecurity Insider podcast, Yigal Behar from 2Secure Corp discusses a serious issue exposed by Checkpoint researchers. 

They found over 400 vulnerabilities in Qualcomm’s Digital Signal Processing (DSP) chip, which could allow hackers to spy on your smartphone without you even knowing!¹ 

These vulnerabilities can put your privacy at risk, and in this episode, Yigal explains what you need to know to protect yourself.

What Is A DSP?

DSP is a technology used in smartphones to improve several features that make your device work better. It helps with things like speeding up battery charging, improving the quality of videos and photos, and enhancing the sound you hear when playing music or watching videos.

However, these DSP chips can also harbor vulnerabilities. When you watch videos, view images, or interact with other types of content on your phone, the DSP chip processes this data. 

If there are security flaws in the chip, hackers could take advantage of these vulnerabilities and exploit them to access your phone without your knowledge. This puts your privacy and security at risk.

Malicious Apps Can Exploit Vulnerabilities On Your Smartphone

Another way these vulnerabilities can be used is through malicious apps that bypass the usual security settings to gain access to data stored on your phone without your permission.

What’s The Impact?

According to Yigal, these vulnerabilities can have serious consequences, exposing your private information and leaving your device open to malicious attacks. 

Here’s how:

1. Privacy breach – An attacker can steal sensitive data, including your pictures, videos, call recordings, GPS locations, microphone recordings, and more.
2. Phone lockout – The attacker could block your access to important data, making your phone unusable, which means you might lose all of your stored information.
3. Unremovable threat – Once the app or exploit is in place, you might not be able to remove the threat, leaving your phone vulnerable to ongoing attacks.

Act Fast When You’re Notified To Update

Currently, there are no patches or software fixes available to protect against these vulnerabilities. That means, if you receive a notification on your phone to install an update, don’t delay! Installing updates as soon as they’re available is one of the best ways to protect yourself from these threats.

To help reduce your exposure to these risks, Yigal offers five tips:

1. Don’t install apps from unknown sources: Only download apps from trusted sources like the Google Play Store. Avoid third-party sites that may offer risky or malicious apps.
2. Avoid browsing unknown websites: Stick to well-known, secure websites. Be cautious of unfamiliar sites that may contain harmful content or malware.
3. Open emails without downloading the images: Some malicious emails (like phishing) can be designed to exploit vulnerabilities in your phone. To be safe, open emails without automatically downloading images or attachments.
4. Don’t click on suspicious links: If you receive a link in an email, message, or social media post from an unknown sender, don’t click it. Double-check the sender’s details before following any links.
5. Backup to the cloud or computer: Regularly back up your important data to a secure cloud service or your computer. This ensures you won’t lose valuable information if your phone is compromised.

For more Cybersecurity news and tips, make sure you don’t miss any podcast episodes of The Cybersecurity Insider. You can also tune in on YouTube, Apple Podcasts, or Spotify! 

Source:

1. gmcdouga. (2020, August 6). Achilles: Small chip, big peril. Check Point Blog; Check Point Software. https://blog.checkpoint.com/security/achilles-small-chip-big-peril/