Millions Of Smartphones Using Broadcom Wi-Fi Chip Can Be Hacked Over-the-Air April 04, 2017 Swati Khandelwal Millions of smartphones and smart gadgets, including Apple iOS and many Android handsets from various manufacturers, equipped with Broadcom Wifi chips are vulnerable to over-the-air hijacking without any user interaction. A Broadcom chip flaw found and demoed by Exodus Intelligence's Nitay Artenstein exposed a potential critical threat to 1 billion Android and iOS smartphones. This exploit was possible due to a specific Broadcom Wi-Fi chip bug that let the hacker gain remote execution access on smartphones. Fortunately, before this could happen, and both have fixed the bug. The Wi-Fi chip is vulnerable to a self-replicating attack, which could spread infect and spread without any user interaction. Ars Technica that this vulnerability was found in the BCM43xx family of Wi-Fi chips manufactured by Broadcom. Artenstein demoed a proof-of-concept attack code that took advantage of the vulnerability at the Black Hat security conference in Las Vegas recently. This code reportedly fills airwaves with connection requests to nearby devices, and when the request reaches the specified Wi-Fi chipsets' devices particularly; it rewrites the firmware controlling the chip. Then, the compromised chip sends malicious packets to other exploitable devices, creating a domino effect of sorts. Artenstein has dubbed this bug as 'Broadpwn', and this vulnerable chip resides in almost 1 billion smartphones in the market, as mentioned before. The report states that Artenstein got in touch with Google and Apple both to make them aware about this bug, and Google released a patch early in July to prevent any sort of ripple effect to start. Apple also as well, preventing a potential self-replicating attack to spread to a large number of devices. 'This research is an attempt to demonstrate what such an attack, and such a bug, will look like. Broadpwn is a fully remote attack against Broadcom's BCM43xx family of Wi-Fi chipsets, which allows for code execution on the main application processor in both Android and iOS. It is based on an unusually powerful 0-day that allowed us to leverage it into a reliable, fully remote exploit,' Artenstein wrote in a. In his post, Anrtenstein explains that in order for the attack to begin, targets don't even have to connect to the malicious network, and simply having Wi-Fi turned on was enough. His attack worked on a number of smartphones, including all iPhone models since the,,,,,, and Samsung Galaxy flagship devices from Galaxy S3 to the Galaxy S8 launched this year. ![]() The researcher also said that this attack was more vulnerable on smartphones than laptops and computers as they provide limited access to Wi-Fi chipsets, not enabling remote execution at least.
Samsung then introduced the Galaxy S handset. Incorporating the Android OS platform and a similar approach to design like Apple, Samsung took a design approach of giving consumers more than what the current version of the iPhone could offer. Give them everything the iPhone can do, and then give them MORE.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2019
Categories |