It’s worth updating your phone’s operating system as soon as you can. Many top-of-the-line handsets have been found to have a vulnerability that potentially leaves them exposed to a malware attack.
The vulnerability (dubbed Broadpwn) affects the Wi-Fi chips on iPhones, Samsung Galaxy and Google Nexus devices. The name comes from the manufacturer of these chips, Broadcom.
The vulnerability was discovered by Nitay Artenstein, a researcher presenting at the Black Hat information security conference in Las Vegas.
It has now been patched, but you need to make sure that you are on iOS 10.3.3 if you’re an iPhone user, or have the July security update for Android to ensure the fix is on your device.
What is remarkable about this exploit is that it is truly remote: it requires no action from the victim, the attacker doesn’t need to know anything about the device they are targeting, and the system can be taken over without crashing.
Spreading like wildfire, but it has limitations
An attacker can write programs directly onto the chipset, and because it’s the Wi-Fi chip, the program can easily spread between devices, with the only criterion being that the devices are physically near each other.
Artenstein provided a proof of concept on stage at the event by infecting a Samsung Galaxy device with his “worm” and then leaving it alone to infect another nearby Samsung phone with no further input from him, or any action required on the second handset.
The implications of this are fairly obvious, as an exploit of this kind could spread from handset to handset like a real virus.
The good news is that even without the patch, the exploit still has its limitations. It can only affect the Wi-Fi chip, and not the entire handset, meaning it could stop your Wi-Fi working but that’s about it. There would need to be a second vulnerability for it to infect more of the phone.
Artenstein’s proof of concept does add one extra insult to injury: any infected phone broadcasts the message “I’m pwned”, but only on wavelengths that those in the know will be able to hear.