Every year we hear horror stories about potentially dangerous malware or virus problems encountered by Android smartphones and tablets, and this week another big story has emerged. A brand new report It details a potential threat called a “quadrooter” that could infect nearly 900 million Android devices. Here’s what you need to know and if there is anything to really worry about.
Cybersecurity software company Check Point is on top of this information and uncovered the HummingBad virus earlier this year, and now it’s a detailed explanation QuadRooter’s.
Similar to the StageFright scare in 2015, users need to know all the details before jumping to conclusions or worrying about it. Technically yes, this new threat can infect 900 million devices, and none of them are fully protected by the latest patches, but it’s not as bad as it sounds. Below is what users need to know about the Android QuadRooter malware.
News about a virus or malware for both Android and iOS comes out all the time, and often the situation is not as deadly as some believe. This time both good and bad. The bad thing is that almost any Android device running a Qualcomm chipset can be infected. Like the LG G2 until the new Galaxy S7 Edge. Qualcomm is among the most popular devices in the United States, so this threat is taken more seriously.
What is QuadRooter?
According to the information we get from the official report QuadRooter is not real malware or malware but the potential to create and distribute one. QuadRooter is a cluster of four vulnerabilities in Qualcomm processor and chipset software and drivers. Basically four different hotspots to hack Android smartphones, tablets and other devices.
Most likely the device you’re reading this on or having in your pocket uses Qualcomm, so it’s technically at risk. Even with the latest security patches from Google.
With this exploit in drivers, a hacker could use QuadRooter vulnerabilities to inject bad stuff into an app and somehow convince users to install it. It can only happen if users download apps from shady places, as Google Play Store checks for malware. As a result Quadrooter is a way for hackers to potentially attack 900 million Android devices, it’s not a real thing and there is no evidence that it was used to harm so far.
Do I Have Malware?
While this isn’t a yes or no question we can answer, most likely no, you don’t. Users who are concerned about being one of the 900 million people infected with QuadRooter should understand that this does not work as such and is not a true malware issue. At least not yet.
Yes, you are at risk, but most users have nothing to worry about. Currently, CheckPoint said that while this is a major vulnerability, there is currently nothing to support its exploitation. So no, you don’t have “QuadRooter Malware” on your device.
Can I Control QuadRooter?
At this time, there is no information about an actual app or virus scanner specifically considered QuadRooter malware, and that’s because nothing real has happened yet. It’s just a potential threat that doesn’t do any harm. Check Point has an app this will check to see if your device is compromised, which it probably is, but you still don’t have to worry.
We can expect similar apps to emerge from others, but for now we don’t see much appearing. While what you do with your device is up to you, I won’t be paying for something like this anytime soon. This happens several times a year, and while the threat is real, it’s also like a scare tactic.
Is Your Phone Safe?
Yes and no. Google is already aware of this situation and the four vulnerabilities found in Qualcomm drivers, and all but one have been patched. By ZDNet Google’s latest August security patch, which has been rolled out to millions of phones and is coming soon from Samsung and other manufacturers, includes the patch. Qualcomm even surpassed Google and fixed these issues on its own with certain partners, so we don’t even know if all 900 million are still at risk.
They state that Google fixed three of the four issues, with the last one not being made in time for the monthly security patches for the Android ecosystem in August. This means that a vulnerability will remain a more obvious and potential threat until September if phone makers like Motorola and LG don’t release updates immediately in September or work with Qualcomm.
On the other hand, this is only a potential problem and not malicious software actively used to target devices.
How to Stay Safe
As we said above, this issue isn’t even a real issue and is a way for hackers to get malware inside an app if it’s installed on a Qualcomm device. This means do what you always do, use common sense and be safe.
Do not download apps or games from shady websites or 3rd party sources; this will not be a problem. Keep using the Google Play Store for all app downloads and this issue will never need to be mentioned again. There are many places on the web to download and play apps, then sideload them. And this is where such vulnerabilities can be dangerous. As long as you stick with the Google Play Store and are smart about what you download and install, everything should be fine.
At the end of the day, Android security is hard work. Even with Google’s monthly security updates, things can occasionally fall through the cracks. That doesn’t mean it’s instantly dangerous, but rather the idea of what someone might do with the abuse. If any additional information emerges, we will update it with all important details.