Security researchers have found an 'exploit' in Android phones that puts 900 million devices at potential risk of data theft and hacking. The Israeli firm Check Point has detected the bug, called QuadRoot, that can harm your Android device.
In software terminology, an 'exploit' is a piece of software, or a set of data or commands, that can exploit a weakness in a computer system or program to carry out some form of unintended action in the program or the hardware.
What Is QuadRoot Exploit?
QuadRoot can potentially take control of your whole phone. If a hacker successfully gets the access to your phone then your photos, data, contacts, and text, everything will be at risk. Your calls can be recorded too and the hacker can get access to your camera.
Who is affected by it?
The exploit affects phones with a Qualcomm chip inside, which means that over 900 million devices are at risk.
But there is a catch. In order to make use of the QuadRoot exploit, the phone has to have an unverified app manually installed. By default, manual installation of apps is not allowed in Android phones.
If you want to install APKs on your phone, you have to go to the settings and permit the OS to install third party apps which are not in the Play Store.
What should I do to ensure that my phone is not affected?
First of all, you need to uninstall all the manually downloaded apps. Secondly, you should turn off the permission for installing third party apps on the phone until there is a security patch released for the QuadRoot exploit.
If any Android phone has Android 4.2 Jelly Bean or above, the Google Play Services monitors the third-party apps as well. When you are installing an unverified APK file, you'll get a warning if that particular file contains malware.
But it is unclear at the moment if Google is scanning for the QuadRoot exploit in the files as well. So it is better to play safe and secure your phone.
"I am pretty sure you will see these vulnerabilities being used in the next three to four months," said Michael Shaulov, head of mobility product management at Checkpoint.
Qualcomm has already started working on the patches and soon updates will be released for phones that could be potentially affected.