Many cell phones from Samsung, Google and Vivo, among others, and cars using Samsung modems can be hijacked by hackers. This is reported by Google researchers, who state that the hackers only need to know the phone number of a device. Among other things, the popular Samsung Galaxy S22 is vulnerable.
Google has found a total of eighteen previously unknown vulnerabilities in Samsung’s so-called Exynos modems. Four of the issues allow hackers to access the phones.
Google researchers expect hackers to quickly find a way to exploit the vulnerabilities. After all, they can be quickly misused by skilled attackers and no user action is required to exploit them. Only the user’s phone number would be required to carry out the attack.
Security updates required
Google itself has already fixed the vulnerabilities with a recent security update for its own Pixel phones. But Samsung, which had also equipped other popular devices such as the Galaxy A53 and A33 with the affected modems, has to come up with a software update. Just like the Chinese Vivo, which has marketed various devices with these modems.
What can you do yourself?
Users of the affected devices who have not yet received an update can make calls themselves via WLAN (VoWi-Fi) and switch off Voice-over-LTE (VoLTE). These steps also mitigate the vulnerabilities, but users lose functionality.
Project Zero team
Google’s “Project Zero” research team has been revealing security vulnerabilities after 90 days since 2020, regardless of whether a company has one patch released or not. The team may deviate from this if disclosure is more beneficial to attackers than to users who are vulnerable to the vulnerabilities.
“Due to a very rare combination of the scale of access you get with these vulnerabilities and the speed at which they can be exploited,” Project Zero says it’s releasing now.
Source : HLN
