The Hacker News Logo
Subscribe to Newsletter

Hacking Smartphones Running on MediaTek Processors

how-to-hack-mobile
A dangerous backdoor has been discovered in the MediaTek processor that could be exploited to hack Android devices remotely.

MediaTek is a Taiwan-based hardware company that manufacture hardware chips and processor used in the smartphones and tablets.

The backdoor was discovered by security researcher Justin Case, who already informed MediaTek about the security issue via Twitter, as the chipset manufacturer had no proper vulnerability reporting mechanism in place.

The vulnerability is apparently due to a debug tool that was opened up for carriers to test the device on their networks, but unfortunately, it was left open in the shipped devices, thus leaving the serious backdoor open to hackers.
If exploited, the debug feature could allow hackers to compromise personal data of an Android device, including user’s private contacts, messages, photos, videos and other private data.
MediaTek acknowledged the issue, saying "We are aware of this issue, and it has been reviewed by MediaTek’s security team. It was mainly found in devices running Android 4.4 KitKat, due to a debug feature created for telecommunication inter-operability testing in China."
The issue actually resides in MediaTek MT6582 processor, which worryingly is being used in many high profile Android devices.

So, if your smartphone is using this processor, the only thing you can do for now is to…

...Keep your Android device off the Internet in an effort to protect yourself.

The company also said that it has notified all OEMs of the potential loophole, so it's now up to the affected OEMs to issue a security patch to close the backdoor.

"While this issue affected certain manufacturers, it also only affected a portion of devices for those manufacturers. We have taken steps to alert all manufacturers and remind them of this important feature," MediaTek spokesperson released a statement.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.