According to security analysts, a hacker could trick an application into accessing the victim's account by stealing encrypted keys from the device's memory.
A security gap was found in dozens of Qualcomm's chips that allowed malware to gain access to users' accounts. The problem arose from a function named Qualcomm Secure Execution Environment (QSEE), which stored encryption keys in the device memory but was independent of the main processor.
According to Qualcomm, this function was impenetrable even when the operating system was compromised. Keegan Ryan, a security analyst at NCC Group, refuted the statement, stating that it is possible to gain access to the isolated part of the QSEE's memory.
I used high-powered branch-predictor and memory side channels to extract private keys from Qualcomm's TrustZone keystore. Check it out: https://t.co/PKzsNcQE7S
- Keegan Ryan (@inf_0_) April 23, 2019
Last Tuesday, he posted an article about the security gap with all the details of how he managed to access and analyze the cache of a Nexus 5X, even extracting a 256-bit key after a 14-hour process.
According to Ryan, a hacker could exploit this security loophole by tricking an application into connecting through the device. Once we enter a password in an application, an encrypted key is generated that allows the application to keep the data for future use on the same device.
"However, if someone gains access to this key, they may trick an application into thinking that it is running on the owner's device, giving the hacker access to wherever he is, and the user cannot defend himself in any way," said Ryan to PCMag.
The attacker does not even need to have contact with the device; he can extract the keys by gaining administrator privileges through some malware, which, although it already marks the beginning of many troubles, in this case makes the situation even worse.
The good news is that Qualcomm has already fixed the bug (CVE-2018-11976), which affected a variety of processors including the Snapdragon 845 and 855, found in most high-end smartphones. NCC Group had notified Qualcomm in March 2018.
"We applaud the NCC Group for hiding the security gap from the general public. We have already fixed the bug and would like to urge all users to upgrade their devices as soon as possible," said Qualcomm. The patch will be included in Android's April security update.