The Snapdragon processor technology for mobile devices developed by Qualcomm has been analyzed by the security company Check Point, which detected more than 400 vulnerabilities . Some vulnerabilities that its researchers describe as «critical».

The problem is in the digital signal processor that enables a large number of functions, from those that have to do with charging the device to those of capturing images and videos, use of augmented reality, MP3 file decoding, active noise cancellation or voice recognition, among other things.

Thus, the attack surface is enlarged. It should be noted that Qualcomm chips are present in 4 out of 10 smartphones. They are part of multiple Android terminals , including the high-end models of Samsung, Xiaomi, Google, LG and OnePlus.

Check Point has reported these vulnerabilities to Qualcomm, which in turn has alerted phone vendors. But, «although Qualcomm has fixed the problem, it is not the end of the story,» warns Yaniv Balmas, head of research at Check Point.

«Now it depends on brands like Google, Samsung or Xiaomi to integrate these patches into the smartphone manufacturing chain, which implies that the vulnerabilities are still active» , he indicates. «Until then, from Check Point we recommend that all Android phone users take extreme precautions to avoid becoming a new victim of these security flaws.»

«Millions of phones are exposed», recalls Yaniv Balmas: « users can be spied on and even lose all their data , since it can also take months or even years to finish» with failures » definitively, especially due to the complexity of the ecosystem of the mobile world ”.

To take advantage of vulnerabilities, cybercriminals need their victims to download an application first. From there, they can turn the smartphone into a spy tool without the user having to act further. Removable information includes photos and videos and location data. In addition, the possibility of recording calls and activating the microphone opens.

On the other hand, criminals could disrupt the normal operation of the phone, restricting access to stored information. Another consequence would be the performance of malicious activities from the device with hidden malware .