Google and Apple patch Wi-Fi vulnerability that could have affected 1 billion phones

At the recent Black Hat security conference in Las Vegas, Exodus Intelligence's Nitay Artenstein wanted to prove that some Wi-Fi chips produced by Broadcom could negatively affect 1 billion handsets, both iOS and Android flavored. The attack code sent out by Artenstein asks to make a connection with computing devices that are nearby. When these requests are received by devices running the BCM43xx model of Wi-Fi chips found inside certain smartphones, the firmware controlling the chip is revised by the attack.

The affected chip sends out malicious packets to other devices creating a domino effect. All together, roughly one billion handsets were vulnerable to this attack until Google sent out an update that included a patch earlier this month. Apple sent out its patch last week.


Artenstein, who named the worm "Broadpwn," says that the attack worked on the Apple iPhone 5 and later, and the Nexus 5, Nexus 5X, Nexus 6, and Nexus 6P. Also affected were the Samsung Galaxy S3 through the current Galaxy S8.

With the flaw now closed by Apple and Google, this is one vulnerability that you need not worry about anymore. However, for every flaw that is plugged, another one seems to pop up. That means companies like Google and Apple can never let their guard down.

source: ArsTechnica