Key Takeaways
- Raws li tsab ntawv ceeb toom tshiab, kwv yees li 40% ntawm cov xov tooj smartphones tuaj yeem ua rau muaj kev cuam tshuam rau cov neeg nyiag nkag nkag mus rau koj qhov kev hu xov tooj thiab ntawv keeb kwm.
- Qhov teeb meem kev nyab xeeb nrog Qualcomm chips qhia txog qhov xav tau rau cov tuam txhab los qhia rau cov neeg siv ntawm cov teeb meem kev nyab xeeb.
- Cov khoom siv txawb tau yooj yim rau ntau qhov teeb meem kev nyab xeeb, cov kws tshaj lij hais.
Ib qho yooj yim qhia tawm tshiab uas tuaj yeem muab cov neeg nyiag nkag rau hauv koj lub xov tooj qhia tias cov tuam txhab xav tau lub luag haujlwm ntxiv rau kev ceeb toom cov neeg siv txog teeb meem kev nyab xeeb, cov kws tshaj lij hais.
Check Point tshawb nrhiav tsis ntev los no tshaj tawm tias nws tau pom qhov kev nyab xeeb hauv Qualcomm's MSM modem chip software uas qee cov apps tsis zoo tuaj yeem siv tau. Cov kws tshawb fawb tau hais tias qhov tsis zoo no muaj nyob hauv kwv yees li 40% ntawm cov xov tooj smartphones, suav nrog cov los ntawm Samsung, Google, thiab LG.
"Txoj hauv kev tam sim no los daws cov teeb meem kev nyab xeeb yog qhov tsis sib xws ntawm qhov zoo tshaj plaws," Setu Kulkarni, tus lwm thawj coj ntawm cybersecurity tuam txhab WhiteHat Security, tau hais hauv kev xam phaj email. Cov neeg tsim khoom, nws hais ntxiv, "yuav tsum tau nce thiab qhia cov neeg siv kawg txog qhov cuam tshuam cov teeb meem kev nyab xeeb no muaj rau [lawv] hauv cov neeg ua haujlwm."
Xov tooj ntsib ntau qhov tsis zoo
Qualcomm vulnerability tshaj tawm tias tso cai rau cov neeg nyiag nkas tsom rau cov neeg siv Android nyob deb, ntxig cov lej tsis zoo hauv lub xov tooj modem thiab tau txais lub peev xwm los tsim cov haujlwm.
Tus kws tshaj lij Qualcomm tau teb rau daim ntawv tshaj tawm nrog cov lus hauv qab no rau Lifewire: "Kev muab cov thev naus laus zis uas txhawb kev ruaj ntseg thiab kev ceev ntiag tug yog qhov tseem ceeb rau Qualcomm. Qualcomm Technologies twb tau txhim kho muaj rau OEMs thaum Lub Kaum Ob Hlis 2020, thiab peb txhawb kom cov neeg siv kawg hloov kho lawv cov khoom siv raws li thaj ua rau muaj."
Txoj hauv kev tam sim no los daws cov teeb meem kev nyab xeeb yog qhov tsis sib xws ntawm qhov zoo tshaj plaws.
Hauv kev xam phaj email, Stephen Banda, tus thawj coj laus ntawm cybersecurity firm Lookout, tau hais tias qhov teeb meem Qualcomm qhia txog tias cov xov tooj smartphones muaj kev cuam tshuam li cas rau ntau yam teeb meem kev nyab xeeb.
"Pom tias qhov no yog qhov teeb meem thoob plaws thoob plaws hauv cov khoom siv hauv Android, nws yog qhov tseem ceeb heev rau cov koom haum kaw lub qhov rais qhov tsis zoo," Banda ntxiv. "Kev txhim kho sai li sai tau thaum muaj kev ruaj ntseg thaj thiab OS hloov kho tshiab yog qhov tseem ceeb los txo qhov kev pheej hmoo ntawm kev ua txhaum cybercriminal siv qhov tsis zoo no."
Cov kab laum Qualcomm tsuas yog qhov tseeb ntawm txoj hlua tsis ntev los no ntawm cov xov tooj ntawm tes uas tau tshwm sim. Lub hli tas los, nws tau tshaj tawm tias tus nqi qis Q Link Wireless tau ua cov ntaub ntawv nkag siab zoo rau txhua tus neeg uas paub tus xov tooj siv tau ntawm tus neeg nqa khoom lub network.
Tus neeg nqa khoom muaj cov neeg siv khoom siv tuaj yeem siv los saib xyuas cov ntawv thiab feeb keeb kwm, cov ntaub ntawv thiab siv feeb, lossis yuav cov feeb lossis cov ntaub ntawv ntxiv. Tab sis lub app kuj tso cai rau koj nkag mus rau cov ntaub ntawv yog tias koj muaj tus lej xov tooj raug, txawm tias tsis muaj tus password.
Txhob Ntshai Downloads
Tiv thaiv koj tus kheej tawm tsam hackers, tsuas yog rub tawm cov apps ntseeg siab thiab paub zoo, tshwj xeeb tshaj yog hauv Android, qhia Bryan Hornung, CEO ntawm Xact IT Solutions, hauv kev xam phaj email.
"Google tsis pom cov ntawv thov hauv nws lub khw app zoo li Apple ua," nws hais ntxiv. "Yog li txhua tus neeg siv Android yuav tsum tau ceev faj thaum rub tawm cov apps los ntawm lub khw."
Cov neeg siv kuj yuav tsum ceev faj txog cov apps uas thov kev tso cai ntau dua lossis nkag mus rau lub cuab yeej tshaj li qhov tsim nyog, Hornung tau hais. Piv txwv li, qee lub apps yuav thov kev tso cai rau lub koob yees duab lossis cov neeg sib cuag.
"Yog tias lub app tsis muaj dab tsi ua rau koj lub koob yees duab lossis koj cov neeg tiv tauj, tsis txhob tso cai," nws hais ntxiv. "Malicious apps feem ntau nug txog kev tso cai hauv paus, txhais tau tias nws muaj kev tswj hwm koj lub cuab yeej."
Tab sis Kulkarni hais tias tsuas muaj ntau tus neeg siv tuaj yeem ua txog qhov teeb meem tsis pom zoo xws li Qualcomm qhov tsis zoo. Qee qhov teeb meem kev nyab xeeb yuav tsum raug kho zoo li lub tsheb rov qab nrog kev tshaj tawm txog kev pabcuam pej xeem, thiab qee zaum, qhov teeb meem kev nyab xeeb ntawm lub xov tooj yuav tau lees paub xov xwm kab xov xwm.
"Tshwj tsis yog, thiab txog thaum, tus neeg siv kawg tau txais kev tshaj tawm kev pabcuam pej xeem xws li 'Koj cov ntawv xov xwm, hu rau keeb kwm, thiab kev sib tham muaj kev pheej hmoo' hauv lawv cov lus hauv cheeb tsam, yuav muaj tsawg lossis tsis muaj kev tsis ncaj ncees rau kev nqis tes ua. ib feem ntawm cov neeg siv nruab nrab, "nws ntxiv.
Nws yog ib qho tseem ceeb heev rau cov koom haum los kaw lub qhov rais tsis muaj zog.
Ntau tshaj 48% ntawm cov neeg siv tseem tab tom ua haujlwm ntawm Android OS ua ntej version 10, Kulkarni tau thov. Nws hais ntxiv tias qhov phem tshaj plaws (los ntawm kev ruaj ntseg standpoint) yog cov neeg siv uas muaj lub cuab yeej uas tsis txhawb nqa qhov hloov tshiab OS tshiab.
"Lawv xaiv tsuas yog hloov kho lub cuab yeej," Kulkarni hais. "Qhov no, muaj kev cuam tshuam ncaj qha rau cov nyiaj hauv tsev thaum nws los txog kev kho dua tshiab ntawm lub xov tooj rau txhua tus neeg thiab lawv tsev neeg."