Shattering the period of calm after the discovery of Android Stagefright exploit, Android Quadrooter has become the current hot topic in the mobile security industry. Quadrooter, as its name suggests, is a group of four vulnerabilities in the software drivers for Qualcomm chipsets within certain Android devices. These drivers are responsible for communication between chipset components in the Android packages developed by the manufacturer.
Exploiting any one of these four vulnerabilities in the drivers would provide a hacker with root access on the device. Unlike Stagefright, which was exploitable via remotely sent crafted messages, these Quadrooter vulnerabilities are apparently exploitable only through apps which must be explicitly downloaded and installed by the user. Although this is may be considered another dangerous method that hackers can incorporate into their malware to attain root permissions, at the time of writing, not a single actual sample has been found in the wild.
Patching the vulnerable software drivers with appropriate security updates would be the most suitable solution to mitigate the risk caused by these vulnerabilities. However it is a never ending debate whether a security update from Google (or Qualcomm, etc.,) can be customized to suit a handset manufacturer’s model within a reasonable time frame. In fact how quickly does a manufacturer’s customized security update reach its own users’ devices? “ .
The good news is that Google claims that these exploits can be blocked by the “Verify Apps” feature in the Android OS from version 4.2 (Jelly Bean). Locate this feature at:
Settings>System>Security>Verify Apps
Here are a few steps to follow to help avoid dangerous security issues when downloading an application and other unwanted scenarios:
- Always prefer to download an application from the official Google Play
- Think twice before you download an application whether you really need it
- Check any documented usage of the application to ensure that it does not perform any functionality separate from your expectations
- Verify the reputation of the application by checking the reviews available
- Avoid using free Wi-Fi hotspots, in particular those that are not password protected
- Install a reputed and up-to-date mobile security product like “K7 Mobile Security”
- Avail of the available application verification features like “verify apps” in recent Android OSs to identify a malware before installation.
V.Dhanalakshmi
Senior Threat Researcher, K7TCL
