Google and Apple patch Wi-Fi vulnerability that could have affected 1 billion phones - PhoneArena
Save on Samsung Galaxy S22 Ultra

Google and Apple patch Wi-Fi vulnerability that could have affected 1 billion phones

iOS Android
@wolfcallsputs
14
Google and Apple patch Wi-Fi vulnerability that could have affected 1 billion phones
At the recent Black Hat security conference in Las Vegas, Exodus Intelligence's Nitay Artenstein wanted to prove that some Wi-Fi chips produced by Broadcom could negatively affect 1 billion handsets, both iOS and Android flavored. The attack code sent out by Artenstein asks to make a connection with computing devices that are nearby. When these requests are received by devices running the BCM43xx model of Wi-Fi chips found inside certain smartphones, the firmware controlling the chip is revised by the attack.

The affected chip sends out malicious packets to other devices creating a domino effect. All together, roughly one billion handsets were vulnerable to this attack until Google sent out an update that included a patch earlier this month. Apple sent out its patch last week.

"This research is an attempt to demonstrate what such an attack, and such a bug, will look like. Broadpwn is a fully remote attack against Broadcom’s BCM43xx family of Wi-Fi chipsets, which allows for code execution on the main application processor in both Android and iOS. It is based on an unusually powerful 0-day that allowed us to leverage it into a reliable, fully remote exploit."-Nitay Artenstein, Exodus Intelligence

Artenstein, who named the worm "Broadpwn," says that the attack worked on the Apple iPhone 5 and later, and the Nexus 5, Nexus 5X, Nexus 6, and Nexus 6P. Also affected were the Samsung Galaxy S3 through the current Galaxy S8.

With the flaw now closed by Apple and Google, this is one vulnerability that you need not worry about anymore. However, for every flaw that is plugged, another one seems to pop up. That means companies like Google and Apple can never let their guard down.

source: ArsTechnica
Loading Comments...

Latest News

Google will most likely not release a successor to Android 12L
Google will most likely not release a successor to Android 12L
Americans are deleting period-tracking apps in droves because of the Roe v Wade ruling
Americans are deleting period-tracking apps in droves because of the Roe v Wade ruling
Amazon once again comes out with an awesome sale on Anker chargers
Amazon once again comes out with an awesome sale on Anker chargers
Yet another UK operator introduces roaming charges for EU travel
Yet another UK operator introduces roaming charges for EU travel
Xiaomi finally reveals the date and time of its new 12S series announcement
Xiaomi finally reveals the date and time of its new 12S series announcement
This $40 device effortlessly replaced my $350 Apple Watch Series 7
This $40 device effortlessly replaced my $350 Apple Watch Series 7

Popular stories

This $40 device effortlessly replaced my $350 Apple Watch Series 7
This $40 device effortlessly replaced my $350 Apple Watch Series 7
Samsung working to bring foldable phones to regular folks with Galaxy A Fold and Flip
Samsung working to bring foldable phones to regular folks with Galaxy A Fold and Flip
An iPhone 14 Pro Max price leak pegs the flagship specs at a higher tag
An iPhone 14 Pro Max price leak pegs the flagship specs at a higher tag
No 120Hz display for iPhone 14: But Apple has a secret for smooth performance (that Android doesn’t)
No 120Hz display for iPhone 14: But Apple has a secret for smooth performance (that Android doesn’t)
'They ripped off our technology': Apple exec stokes rivalry with Samsung
'They ripped off our technology': Apple exec stokes rivalry with Samsung
New report brings unexciting Samsung Galaxy S23 camera news
New report brings unexciting Samsung Galaxy S23 camera news
FCC OKs Cingular\'s purchase of AT&T Wireless