Are 900m Qualcomm-powered Android devices at risk?

Qualcomm's processors are powering over 900 million Android devices globally, which would be a haven for hackers should a vulnerability can be exposed and exploited. Apparently, that could be the case, according to a not-so-inspiring report.

Cyber-security firm Check Point says that it has uncovered a set of four vulnerabilities affecting almost a billion Android devices that use Qualcomm chipsets. The company called the issue "QuadRooter", which, according to them, is "a set of four vulnerabilities that gives attackers complete control of your Android smartphone or tablet".

"These vulnerabilities are found on out-of-the-box devices and can only be fixed by installing patches when they become available," the report added. The company listed the following devices as among those that can potentially be compromised: BlackBerry Priv; Blackphone 1 and 2; Google Nexus 5X, Nexus 6 and Nexus 6P; HTC One, M9 and 10; LG G4, G5 and V10; the new Motorola Moto X; OnePlus One, 2 and 3; Samsung Galaxy S7 and S7 Edge; and Sony Xperia Z Ultra.

While there has been no proof so far that these vulnerabilities have been used for illegal means, it could happen "in the next three or four months", Check Point head of mobility product management Michael Shaulov said in a BBC report.

In the UAE, the devices listed are available either from retailers, online or both.

However, latest figures from the Telecommunications Regulatory Authority (TRA) show that there might not be much of a concern here in the UAE.

The TRA report, released on August 7, revealed that in the first quarter of 2016, 68.9 per cent of handsets registered on the UAE's networks were smartphones, with the iPhone 6 and iPhone 5 - which use ARM chipsets - being the most used at 4.48 per cent and 2.39 per cent, respectively.

The Samsung J100H/J1, which uses Spreadtrum, and the iPhone 6s were third (1.81 per cent) and fourth (1.69 per cent), respectively. The Nokia 108 feature phone was overall the second most-used phone at 2.92 per cent.

The report added that Samsung is the most widely-used brand in the UAE in the January-to-March period, boasting a 33 per cent share of all registered handsets. Nokia was second at 28 per cent, followed by Apple (14 per cent) and BlackBerry (two per cent).

However, no specific device breakdown was provided. As at Press time, the TRA was unreachable for comment.

Khaleej Times also sought statements from device manufacturers listed in the Check Point report.

BlackBerry says that its engineers in its headquarters in Canada are looking into the matter, while LG Gulf says it has not received any statement from its corporate offices in Seoul.

HTC, Samsung and Sony Mobile did not respond to requests either, while Qualcomm has yet to release a statement on the report.

Shaulov is just hopeful that those who would find the bugs first are the type who would squash them.

"It's always a race as to who finds the bug first - whether it's the good guys or the bad."

UPDATE 1: Qualcomm has responded to queries from Khaleej Times, saying that it has been aware of the issue since February and patches have been rolled out. Sony Mobile has also issued a statement to Khaleej Times.

UPDATE 2: BlackBerry has released a statement to Khaleej Times.

• Business
• Dubai