Qualcomm Security Bug on its Chip: Mobile Applications At Risk

Dozens of Qualcomm chipsets have been discovered with a security bug, which could eventually enable Android malware to steal access to online accounts.

The issue concerns with a Qualcomm technology, designed to store private cryptographic keys on the device in a secure manner. The Qualcomm Secure Execution Environment (QSEE) can do this by planting the keys in a hidden area of the chip, which is separate from the principal processor.

The QSEE should be inaccessible, even if the Android operating system has been harmed, so seemingly, Qualcomm’s performance is not perfect. Keegan Ryan, a researcher with cybersecurity firm NCC Group said that one can manipulate the system to expose the private keys kept inside the QSEE.

Ryan published a paper detailing the weak point, on Tuesday, saying that he could observe a Qualcomm chip’s memory cache for indications on how to connect the private kays stored inside the QSEE. He proved all this by removing a 256-bit ECDSA key from a Nexus 5X device after accumulating memory cache samples during a time period of 24 hours.

A hacker could utilize the security bug to analyze and take advantage of how mobile applications let us sign in over a phone. After the password is typed, the app will usually produce a cryptographic key version which can be used to demonstrate that all the ulterior logins are coming from the same phone.

Ryan told PCMag that if a hacker uses this weakness to steal the key match, they can use the user’s device from anywhere in the world, and the user cannot stop it even if is powering down the device or destroying it.

Also, to extract the keys, the hacker doesn’t need to physically access the device. This could be accomplished by getting a malware on to the smartphone, as what is needed is a root access to the device.

NCC Group informed Qualcomm about the weakness back in March 2018, and fortunately, Qualcomm has fixed the security bug (CVE-2018-11976)​, which affects Snapdragon chipsets counting the 820, 835, 845 and 855, and many others.

Leave a Reply

Your email address will not be published. Required fields are marked *