The allure of a cheap smartphone can be hard to resist, especially as they’re now almost as capable as more expensive models. This is why formerly unknown Chinese manufacturers like Huawei and Xiaomi are rapidly overtaking more established, premium manufacturers like Samsung, Sony, and even Apple.
But, as in all things, you get what you pay for. A recently discovered vulnerability in many budget Chinese handsets, which could allow an attacker to gain root access, proves the point. Here’s what you need to know.
Understanding The Attack
Many phones run SoCs (System on Chip) built by Taiwan-based MediaTek, one of the largest semiconductor manufacturers in the world. In 2013, they produced a phenomenal 220 million smartphone chips. One of their biggest sellers is the MT6582, which is used in a number of low-end smartphones, many of them produced by Chinese manufacturers like Lenovo and Huawei.
The MT6582 came with a debug setting enabled, which, according to the manufacturer, was used to test “telecommunications interoperability” in China.
While this was necessary for MediaTek to actually design the chip, and to ensure it works properly, leaving it on a consumer device represents an incredible security risk to consumers. Why? Because it allows an attacker, or a malicious piece of software, to gain root access to the phone.
So Mediatek broke basic security features to have this backdoor work. Readonly properties are NOT read only! pic.twitter.com/pEjtMNpo9v
— Justin Case (@jcase) January 13, 2016
From this, they would be able to modify and delete important system files and settings, spy on the user, and install yet more malware without the user’s consent. If an attacker wanted, they could even brick the phone, rendering it permanently unusable.
According to The Register, this vulnerability can only be exploited on phones running version 4.4 KitKat of the Android operating system.
The discovery of this vulnerability follows a similar flaw found in the OS keychain of version 3.8 of the Linux kernel, which was disclosed by researchers in January. When exploited, this vulnerability would have allowed an attacker to gain root access to the machine.
This vulnerability affected virtually every distribution of Linux, as well as a plurality of Android phones. Thankfully, a fix was swiftly issued.
Put Down Your Pitchforks
Although phones from the likes of Lenovo and Huawei are especially affected, you shouldn’t blame them, even though it might seem appealing given that some of these manufacturers have a history of security-related improprieties.
Lenovo is especially guilty of this. In 2014, they broke SSL for all of their users with SuperFish. Then they burdened their laptops with unremovable, BIOS-based malware. Then they installed a creepy, Big Brother-esque analytics program on their high-end ThinkPad and ThinkCentre desktops.
But here, their hands are clean. For once. The blame lies squarely at the door of MediaTek, who shipped these chips to manufacturers with this setting enabled.
Am I Affected?
It’s worth pointing out that this vulnerability won’t have the same reach as the aforementioned Linux vulnerability. The vulnerability is only found on phones running on a chipset which didn’t ship on any phones released in 2015 and 2016.
It can also only be executed on phones running a very specific version of Android, which despite running on around one-third of Android phones, is by no means ubiquitous.
Despite that, it’s probably a good idea to check whether your phone is vulnerable. As it so happens, I own a budget Chinese phone – a Huawei Honor 3C, which was my main device until I jumped ship to Windows Phone in August.
First things first, I looked up the device on GSMArena. This is essentially the Encyclopedia Britannica of phones. If a major manufacturer released it, this website will provide thorough statistics about it. Information about the chipset used can be found underneath Platform. Sure enough, my Huawei phone contains it.
Next, I needed to see whether I was running the affected version of Android. I opened Settings, and then tapped About Phone. This might be a bit different on your phone, though, as manufacturers are known for customizing the settings menu.
Fortunately, my phone is running Android 4.2 Jelly Bean, which, despite being long in the tooth, isn’t affected by this vulnerability.
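The same two checks (chipset and Android version) can be run over the output of `adb shell getprop` when you have more than one handset to look at. The script below is an added example, not code from the researchers or from MediaTek; the sample dumps are constructed, and it assumes the chipset name shows up in one of three system properties, which varies between vendor builds.

```python
import re

# Criteria from the article: MT6582 chipset running Android 4.4 (KitKat).
AFFECTED_SOC, AFFECTED_RELEASE = "mt6582", (4, 4)
# Assumption: which property names the SoC varies between vendor builds.
SOC_KEYS = ("ro.board.platform", "ro.hardware", "ro.mediatek.platform")
PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")

def parse_getprop(dump):
    """Parse `adb shell getprop` output ("[key]: [value]" lines) into a dict."""
    props = {}
    for line in dump.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def android_release(props):
    """Return (major, minor) from ro.build.version.release, or None."""
    m = re.match(r"(\d+)(?:\.(\d+))?", props.get("ro.build.version.release", ""))
    return (int(m.group(1)), int(m.group(2) or 0)) if m else None

def assess(dump):
    """Classify one device dump as 'affected', 'not affected' or 'unknown'."""
    props = parse_getprop(dump)
    release = android_release(props)
    socs = [props[k].lower() for k in SOC_KEYS if k in props]
    if release is None or not socs:
        return "unknown"  # not enough data to decide either way
    on_soc = any(AFFECTED_SOC in s for s in socs)
    return "affected" if on_soc and release == AFFECTED_RELEASE else "not affected"

# Constructed sample dumps (not captured from real devices).
SAMPLES = {
    "mt6582-jellybean": "[ro.build.version.release]: [4.2.2]\n[ro.hardware]: [mt6582]",
    "mt6582-kitkat": "[ro.build.version.release]: [4.4.2]\n[ro.mediatek.platform]: [MT6582]",
    "other-soc-kitkat": "[ro.build.version.release]: [4.4.4]\n[ro.board.platform]: [msm8226]",
    "truncated": "[ro.product.model]: [unknown]",
}

if __name__ == "__main__":
    for name, dump in SAMPLES.items():
        print(f"{name}: {assess(dump)}")
```

A result of "unknown" means the dump lacked the version or chipset properties, so fall back to the manual lookup described above.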
If You Are Affected
While I was rather lucky, it’s safe to assume millions of phones will be affected by this. If you are, you’d be wise to purchase a new phone.
The Motorola Moto G is a great budget phone, produced by a manufacturer you can trust. You can get one on Amazon for just $110. As an added bonus, Motorola are rather speedy when it comes to issuing software updates, which Huawei is definitely not.
If you can’t afford to upgrade, you’d be wise to take some simple security precautions. First, try to avoid downloading software from disreputable sources. Avoid downloading pirated apps and “warez” like the plague. Stick to the Google Play store.
It’s likely that many of the affected users will be based in China, where the Google Play store isn’t available. Chinese consumers have to make do with other alternative app stores, many of which aren’t as vigilant at filtering malware out as Google is. Those consumers would be advised to be extra careful.
In Short: Be Afraid, But Don’t
This vulnerability is scary. It’s scary because it’s born from how a particular piece of hardware is configured. It’s scary because there are no steps a consumer can take in order to stay secure.
But it’s worth emphasizing that the majority of consumers won’t be affected. It only affects a limited number of devices, which were released by a handful of manufacturers around 2013 and 2014. Most people should be fine.
Were you impacted? If so, will you get a new phone? Or are you not all that concerned? Let me know in the comments below.