Bug in High-End Smartphones could Cause Unstoppable Malware
As per Nitay Artenstein, researcher who has discovered the latest flaw, a patched bug found in chips that are used for providing wifi in Google Nexus, Samsung Galaxies, and iPhones devices can be used for building malware that jumps unstoppably from one device to another device.
Affected users must update the operating systems of their phones immediately, to the iOS 10.3.3 (that was released on July 20th) or Security update of July for the Android that contain solutions for this flaw.
Itnews.com.au posted on July 28th, 2017, stating that Artenstein could write a proof of concept which can silently imbed the code of the attacker on vulnerable devices without having interaction of any user by exploiting 802.11 wi-fi protocol association process probe requests and a bug in the implementation of the wireless multimedia (WMM) quality of service extension of Broadcomm.
The vulnerability might let the hackers to take control of your phones remotely via Wi-Fi and then crash it. Hacker just needs to remain in the Wi-Fi range of your phone to attack through airwaves. Artenstein said that as long as the Wi-Fi is on, you don't even need to remain connected to the W-Fi for getting hit.
A 2nd vulnerability will be required by it for damaging further than breaking Wi-Fi of the victims. And with proof-of-concept which already exists, getting infected is far more embarrassing than anything else as: your phone continuously shouts "I'm pwned" in the air for anybody listening with correct tools to pick up on.
The remote attack against the Broadcomm BCM43x chipsets avoids lessening like address space layout randomization and prevention of code execution which means it could be used to code self-publicity malware.
The Broadpwn bug was repaired in the update of Apple on July 19th.
Security issues of Broadcom have affected the owners of Android and iOS in past, after one security flaw that was revealed in Apr. enabled the attackers to run code on their Wi-Fi chip. Devices of Apple from iPhone 5 to iPhone 7 that also uses chips of Broadcom are affected by this.
While chipsets of Broadcom are famous across devices, they are not in all the phones, and this flaw was patched for bulk of the affected phones. If you are really worried regarding the attack, then you can simply switch off Wi-Fi of your phone.
» SPAMfighter News - 03-08-2017