Nearly all Android phones at risk of attack — what to do

Android malware
(Image credit: Shuterstock)

A major security flaw affecting nearly every Android smartphone has been discovered, which could potentially allow hackers to remotely access and control a smartphone's camera and microphone. 

The flaw, discovered by Check Point Research, found a vulnerability in the audio decoders of Qualcomm and MediaTek chips; an unprivileged Android app could then use this security hole to change its privileges, then access a user's camera and microphone and eavesdrop on their communications. 

Check Point Research revealed the vulnerability today (April 22), but had previously disclosed the issue to MediaTek and Qualcomm, which patched their firmware in December 2021.

Nearly all Android phones affected

Together, Qualcomm and MediaTek's chips power nearly 95 percent of all Android smartphones in the U.S., according to IDC

This particular exploit involves the Apple Lossless Audio Codec (ALAC), which was launched in 2004. While Apple has updated its proprietary version of the decoder, the shared code has not been patched since 2011, according the Check Point Research. It was this code that Qualcomm and MediaTek used for their audio decoders. 

Prior to releasing a firmware update, if an attacker were to implant an audio file with malicious code onto a vulnerable Android smartphone, they could then access the camera and microphone. 

What you can do

As always, to make sure your device is protected, check to see that its firmware and operating system are fully updated, and that you have installed any security patches. You should also avoid downloading or installing any apps or files from untrusted sources or unofficial app marketplaces. For an additional layer of security, you can also install one of the best android antivirus apps

TOPICS
Mike Prospero
U.S. Editor-in-Chief, Tom's Guide

Michael A. Prospero is the U.S. Editor-in-Chief for Tom’s Guide. He oversees all evergreen content and oversees the Homes, Smart Home, and Fitness/Wearables categories for the site. In his spare time, he also tests out the latest drones, electric scooters, and smart home gadgets, such as video doorbells. Before his tenure at Tom's Guide, he was the Reviews Editor for Laptop Magazine, a reporter at Fast Company, the Times of Trenton, and, many eons back, an intern at George magazine. He received his undergraduate degree from Boston College, where he worked on the campus newspaper The Heights, and then attended the Columbia University school of Journalism. When he’s not testing out the latest running watch, electric scooter, or skiing or training for a marathon, he’s probably using the latest sous vide machine, smoker, or pizza oven, to the delight — or chagrin — of his family.