Android security flaw alert

AT least 100,000 users of Android devices in Hong Kong may be affected by a serious security flaw, according to the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT, 香港電腦保安事故協調中心).

In a warning statement on 9 August, HKCERT said a vendor patch would soon be released by device manufacturers to fix ‘Quadrooter’ flaws.

The centre said Quadrooter is a set of multiple vulnerabilities that can be exploited by hackers using malicious apps to gain complete access to all data and hardware.

The centre’s senior consultant, Leung Siu-cheong (梁兆昌), estimated that up to 60 percent of Android users in Hong Kong could be affected.

Check Point, an international cyber security company, had raised the warning one day earlier.

The vulnerability affects devices built with Qualcomm chipsets, which may mean over 900 million smartphones and tablets worldwide are affected. The affected devices include Google Nexus 5X, Nexus 6, Nexus 6P, HTC One, HTC M9, HTC 10, LG G4, LG G5, LG V10, Samsung Galaxy S7, Samsung S7 Edge and Sony Xperia Z Ultra.

Check Point has released an app on Google Play for users to check whether their devices are affected.

According to a 2014 report by Nielsen (尼爾森), a global information and measurement company, the smartphone penetration rate in Hong Kong was 87 percent, rated the highest in Asia. Android phones account for 68.4 percent of the market, according to Vpon (威朋), a big data analytics company.

Android users may have to be more careful not only because of Quadrooter but also because of ransomware, according to Symantec, an antivirus company.  

(This article is published on Sing Tao Daily on 17 August 2016)

Hong Kong Computer Emergency Response Team Coordination Centre
https://goo.gl/4swnwB

QuadRooter vulnerability: 5 things to know about this Android security scare
http://goo.gl/JMhIUm