Flaw in Qualcomm modems enables backdoor for hackers to record your phone calls

Michail, 07 May 2021

According to a new report by security firm Check Point Research, Qualcomm’s Mobile Station Modem (MSM) can be exploited by hackers and used to record phone calls and more. MSM dates back to the early 1990s and used in 2G/3G/4G and even 5G devices and presents a serious vulnerability that can be hacked remotely as easily as sending an SMS message.

Flaw in Qualcomm modems allows backdoor for hackers to record your phone calls

From there the wrongdoers gain the ability to listen in on your calls, read through your text messages, and can even unlock your SIM card in order to bypass any limitations imposed by carriers. According to reports nearly 30% of all smartphones use Qualcomm chipsets and are thus potential targets of the exploit. The only thing that users can do at the moment is to keep their devices with the most up to date security patch.

We discovered a vulnerability in a modem data service that can be used to control the modem and dynamically patch it from the application processor. An attacker can use such a vulnerability to inject malicious code into the modem from Android. This gives the attacker access to the user’s call history and SMS, as well as the ability to listen to the user’s conversations. A hacker can exploit the vulnerability to unlock the SIM, thereby overcoming the limitations of the service providers imposed on the mobile device. - Check Point Research

According to an official statement issued to Tom’s Guide, Qualcomm has already provided software fixes for the MSM exploit back in December 2020 and subsequent security patches should have ironed out the problem. Strangely enough, no Android security bulletin has thus mentioned a fix for the bug. There’s talk that Google will publicly address the exploit fix in its June security patch.

Source


Related

Reader comments

  • Investi

Always these critical security issues and intentional backdoors in Qualcomm products, year after year... and they keep saying that chinese tech products are unsafe. Qualcomm is not secure, that much is certain.

A "flaw" i'm sure ... but hey it's Huawei who's spying according to trustworthy 'Murica

It's the same with any tech product or software, there are always gonna be exploits and hackers. I'm guessing you're an iPhone user? Here's a list of security vulnerabilities in iOS, macOS and iPad OS: https://www.cvedetails.com/v...

Popular articles

More

Popular devices