A dangerous backdoor has been discovered in the MediaTek processor that could be exploited to hack Android devices remotely.
MediaTek is a Taiwan-based hardware company that manufacture hardware chips and processor used in the smartphones and tablets.
The backdoor was discovered by security researcher Justin Case
, who already informed MediaTek about the security issue via Twitter, as the chipset manufacturer had no proper vulnerability reporting mechanism in place.
The vulnerability is apparently due to a debug tool that was opened up for carriers to test the device on their networks, but unfortunately, it was left open in the shipped devices, thus leaving the serious backdoor open to hackers.
If exploited, the debug feature could allow hackers to compromise personal data of an Android device, including user’s private contacts, messages, photos, videos and other private data.
MediaTek acknowledged the issue, saying “We are aware of this issue, and it has been reviewed by MediaTek’s security team. It was mainly found in devices running Android 4.4 KitKat, due to a debug feature created for telecommunication inter-operability testing in China.”
The issue actually resides in MediaTek MT6582 processor, which worryingly is being used in many high profile Android devices.
So, if your smartphone is using this processor, the only thing you can do for now is to…
…Keep your Android device off the Internet in an effort to protect yourself.
The company also said that it has notified all OEMs of the potential loophole, so it’s now up to the affected OEMs to issue a security patch to close the backdoor.
“While this issue affected certain manufacturers, it also only affected a portion of devices for those manufacturers. We have taken steps to alert all manufacturers and remind them of this important feature,” MediaTek spokesperson released a statement.