Apple, Andriod, and Samsung Smartphones Vulnerable to Malicious Wi-Fi Hacks

The Broadcom Wi-Fi chip found in Apple, Android, and Samsung smartphones is vulnerable to malicious hacks in wireless networks. This breach in platform security is disconcerting with the rise in cyberattacks for this year.

This vulnerability was found by Google’s Project Zero Researcher, Gal Beniamini, who has written a detailed report of the security. Broadcom’s Wi-Fi Chips are the most common chipset used for mobile devices. Just a few of the devices that have this vulnerability include Nexus 5, 6, and 6P, the majority of Samsung flagship devices, and all iPhones since the iPhone 4.

Apple and Google have rushed out emergency updates to address this serious bug that would allow a hacker within the same Wi-Fi network to execute malicious code on the Broadcom Wi-Fi Chip used in the majority of smartphones.

Gal Beniamini described the vulnerability as a stack buffer overflow issue. A hacker can send and execute code, as well as deploy malicious code to take full control of the device. Advanced hackers could utilize this vulnerability to install banking Trojans, ransomware, and adware on smartphones.

A simplified explanation of this vulnerability is that the Broadcom firmware can be tricked into overrunning its stack buffers. Once these buffers are overrun, they can then be allowed to send carefully crafted Wi-Fi frames to the Wi-Fi controller to overflow the firmware’s stack. This overflow of the stack is paired with frequent timer firings of the chipset meant to overwrite device memory, RAM, as the malicious code is executed.

To exploit this security issue, a hacker would have to be within the Wi-Fi range of the mobile device to take it over. There is no need for the hacker to touch the device during a security breach, and there is no identification to the user that such an attack is even taking place.

Broadcom has been extremely responsive to making sure the proper fixes were put into place. You can read their entries tracking the bug fix to better understand their solution to the issue.

To ensure that your mobile device is safe from a cyberattack, you will need to download the latest security updates. So far, Apple and Google have released updates that patch this issue. The Android April 2017 Security Bulletin and the Apple iOS 10.3.1 updates both address this vulnerability.

Samsung users should be on the lookout for an update as there has not been a release that fixes this issue. For those using Samsung flagship devices including Galaxy S7, Galaxy S7 Edge, Galaxy S6 Edge, Galaxy S5, and Galaxy Note 4 you will need to be careful using Wi-Fi networks in the meantime.

For businesses that issue mobile devices to their staff, we recommend making frequent security updates to ensure that all data is secured. For businesses looking to secure their information and become compliant with HITRUST or HIPAA standards, you will need to develop a security plan for your mobile devices.

Get expert help from the Crossroads Cybersecurity experts on ensuring security for your mobile devices by using the form below.