- Google has warned owners of specific Samsung, Vivo, and Pixel phones of serious vulnerabilities.
- Hackers can exploit these vulnerabilities remotely with access to the victim's phone number.
- The vulnerabilities can compromise sensitive data such as calls, messages, and mobile data and can only be addressed through software patches from phone manufacturers.
With an increasing number of people relying on their smartphones for communication and data storage, the issue of cybersecurity has become more critical than ever. Last year, Apple disclosed some serious security vulnerabilities for iPhones and other Apple devices. In a recent warning, Google has advised Pixel and Samsung phone owners to be cautious of serious vulnerabilities that can be exploited by hackers remotely. These vulnerabilities are severe enough to be classified as zero-day vulnerabilities. This article will provide an overview of the affected devices, how the attack works, what measures device owners can take to protect themselves, and the response from phone manufacturers and Google.
What Are the Exploits?
Google has warned owners of certain Samsung, Vivo, and Pixel phones about a range of vulnerabilities. These vulnerabilities could allow malicious actors to compromise devices without the owner's knowledge, simply by knowing the phone number.
In a blog post, Google's Project Zero team of cybersecurity experts and analysts detailed 18 possible exploits in Samsung's Exynos modems used in some phones. These exploits are serious enough to be classified as zero-day vulnerabilities and should be addressed immediately.
With four of these exploits, attackers only need to possess the correct phone number to access incoming and outgoing data such as phone calls and text messages. The other 14 exploits are less concerning as they require either local device access or access to a cell carrier's system before the vulnerabilities can be exposed.
Which Android Devices Are Vulnerable To Hacking?
Google's blog post revealed a list of devices that use Exynos modems, inadvertently disclosing that Samsung's modems have been used in Google's premium Pixel phones for several years. In addition to Pixel devices, the list includes some wearables and vehicles that utilize specific modems. Here's a list of the affected devices:
- Samsung phones: Galaxy S22 series, the midrange M33, M13, M12, A71 and A53 series, and the affordable A33, A21, A13, A12 and A04 series.
- Vivo phones: S16, S15, S6, X70, X60, and X30 series.
- Google Pixel phones: The recently released Pixel 6 and Pixel 7 series are also listed as using Exynos modems. At least one of the four most serious vulnerabilities has been addressed in the March security update.
- Any wearable device that uses the Exynos W920 chipset and any vehicle that uses the Exynos Auto T5123 chipset are also included on the list of devices using Exynos modems.
So, if you have any of these new or used Android devices, you should take precautionary measures and install the security update as soon as it becomes available.
How Does the Attack Work?
Tests have confirmed that the four vulnerabilities categorized as critical-level enable attackers to compromise phones remotely without any intervention from the user. An attacker needs only the phone number of the targeted victim to exploit these vulnerabilities.
By exploiting these vulnerabilities, an attacker can remotely execute code on the device, providing almost unlimited access to data transmitted to and from the affected device. This includes mobile calls, text messages, and mobile data. The worst part is that these actions occur silently, without the device owner's knowledge or consent.
Google's experts have stated that experienced hackers require minimal research and effort to create a working exploit that takes advantage of these vulnerabilities.
How Has Google Responded to the Attack?
According to the blog post, Google notified the affected phone manufacturers of the exploit discoveries in late 2022 and early 2023. However, the Project Zero team has opted not to disclose four other vulnerabilities due to their continued severity, deviating from its typical practice of disclosing all exploits within a specified time frame after reporting them to affected companies.
In the March 2023 Security Update, Samsung acknowledged that various Exynos modems are susceptible to vulnerabilities affecting several Android device manufacturers. However, the company needs to provide more information about the issue.
How Can the Device Owners Protect Themselves?
If you own one of the affected devices, it is recommended that you install the security update as soon as it becomes available. However, the timing of the software patch release for each device is up to the phone makers. Therefore, it is crucial to keep an eye out for any notifications or updates from your device manufacturer or carrier.
In the meantime, Google has recommended some temporary measures that device owners can take to avoid being targeted by these exploits. Turning off Wi-Fi calling and Voice-over-LTE (VoLTE) in your device settings can minimize the risk of an attack. This is because the vulnerabilities in Samsung's Exynos modems used in some phones can be triggered by certain IMS (IP Multimedia Subsystem) parameters related to these features.
Disabling Wi-Fi calling and VoLTE may not be ideal for some users, as they offer convenient features for making calls and accessing the internet. However, if you are concerned about the security of your device and want to minimize the risk of a potential attack, it may be worth considering.
It is worth noting that taking these temporary measures does not entirely eliminate the risk of an attack, and installing the security patch as soon as it becomes available is still the most effective way to protect your device from these vulnerabilities.
In light of a range of serious vulnerabilities, Google has issued a warning to owners of specific Samsung, Vivo, and Pixel phones to take necessary precautions against potential hackers. These vulnerabilities, categorized as critical-level, can be exploited remotely by attackers with access to the victim's phone number, compromising sensitive data such as calls, messages, and mobile data.
Google's Project Zero team has alerted the affected phone manufacturers but has chosen not to disclose four of the most severe vulnerabilities due to their continued severity. While the March security update is expected to resolve the issue, it has yet to be made available for some Pixel models. In the meantime, Google recommends device owners turn off Wi-Fi calling and VoLTE while waiting for software patches to become available.