As it does every month, the Google team has released the Android Security Bulletin, a page listing security vulnerabilities, resolved or not. The March bulletin mentions a flaw, more precisely a rootkit, that has affected millions and millions of smartphones based on MediaTek chipsets. Although it is officially mentioned only now, the XDA community had already been discussing it since April 2019. And although the chipmaker published a corrective update a month later, the problem has not yet been fully resolved.
Update 23/02: almost a year later, we return to the MediaTek flaw, but with a positive implication. We tell you about it in this article.
A major vulnerability is hitting smartphones with MediaTek SoC
Despite the update meant to fix it, this vulnerability is still present on dozens of models with a MediaTek SoC, to the delight of the hackers who are taking advantage of it. The rootkit was discovered by a user who was tinkering with an Amazon Fire tablet, which is based on a MediaTek solution. Amazon products are very difficult to unlock and root, as the company doesn't want you to leave its pre-established software. The user diplomacy succeeded in this small feat by finding this exploit and bypassing the security blocks. It is no coincidence that the name by which it is identified is "MediaTek-su", which points to the "SuperUser" concept of gaining root.
This was possible precisely by taking advantage of this flaw in the MediaTek hardware platform, which is used not only by Amazon. As indicated by the author of this work, it is a flaw "virtually present on all MediaTek 64-bit chips". Specifically, these are the chipsets that would be involved:
"MT6580, MT6595, MT6735, MT6737, MT6738, MT6739, MT6750, MT6753, MT6755 (Helio P1x), MT6757 (Helio P2x), MT6758, MT6761, MT6762 (Helio P22), MT6763 (Helio P23), MT6765, MT6771 (Helio P60), MT6779, MT6795 (Helio X10), MT6797 (Helio X2x), MT6799, MT8163, MT8167, MT8173, MT8176, MT8183"
Without going too deep into the technical details (if you are interested, we refer you to the XDA article that you find in the source), it is clear that several million smartphones in circulation have been affected, given the number of chips involved.
What is at risk with MediaTek-su?
Having access to root permissions without unlocking the bootloader may seem like an advantage, so to speak. But the consequence is that installing a malicious app is enough to give attackers access to your device. By dropping Android's security protections, such an app can grant itself all the permissions it wants without the victim noticing, gaining access to all data in memory, as well as to the microphone, camera and so on.
But we do not want to create excessive alarm, so it is good to know that you usually risk something only if you perform actions of doubtful legitimacy. This means installing apps from outside the Play Store, i.e. software not subject to the controls performed by the Google team. If you just use the phone with the classic apps that everyone uses, you can rest assured that something is unlikely to happen to you.
Technically, this exploit has a limitation of its own: access to root permissions is lost each time the phone is restarted. In addition, starting from Android 9 Marshmallow the Verified Boot and dm-verity systems mean that the read-only partitions cannot be modified. But these are obstacles that hackers can easily get around: in the first case, it is enough to enter a command that repeats the malicious script after each restart, while in the second, it is not even necessary to make permanent changes to do damage.
Fortunately, several companies have since patched this flaw, preventing such access. Unfortunately, however, not all of them have followed suit, especially in the case of models that are not up to date with the latest security patches. This is the case with cheaper phones, which often live and die with the same patches they were released with, or little more.
How to understand if your smartphone is affected
Although it is not possible to have a complete list of the models still affected today, one way to understand whether you are (almost certainly) protected is to check whether the March 2020 patches are installed. But since many devices still don't have them, you can find out whether your device is affected through a dedicated procedure. Unfortunately this is not something accessible to everyone, since it requires ADB commands from a PC. But if you have a minimum of hands-on experience with this type of operation, you should manage it without major problems. If you are not able to, try asking someone more experienced among your relatives or friends.
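A first triage over ADB can be done without running anything on the phone beyond two property reads. The script below is an added example, not code from the original article or from XDA: it matches the chipset against the list quoted above and compares the reported patch level with March 2020. The function names, the use of `ro.board.platform` to identify the chipset, and the choice of `2020-03-05` as the fixed level are assumptions.

```shell
#!/bin/sh
# Added example (not from the article): patch-level triage for the listed chipsets.
# Chipset models are copied from the list quoted in the article.
AFFECTED_SOCS="mt6580 mt6595 mt6735 mt6737 mt6738 mt6739 mt6750 mt6753 mt6755
mt6757 mt6758 mt6761 mt6762 mt6763 mt6765 mt6771 mt6779 mt6795 mt6797 mt6799
mt8163 mt8167 mt8173 mt8176 mt8183"
# Assumption: the article says only "March 2020 patch"; the -05 level is used
# because that is the bulletin level that includes vendor component fixes.
FIXED_LEVEL="2020-03-05"

# soc_listed PLATFORM: succeeds if the string names a chipset from the list.
soc_listed() {
    model=$(printf '%s' "$1" | tr 'A-Z' 'a-z' |
        sed -n 's/.*\(mt[0-9][0-9][0-9][0-9]\).*/\1/p')
    [ -n "$model" ] || return 1
    for soc in $AFFECTED_SOCS; do
        [ "$soc" = "$model" ] && return 0
    done
    return 1
}

# patch_ok LEVEL: 0 if LEVEL (YYYY-MM-DD) >= FIXED_LEVEL, 1 if older, 2 if malformed.
patch_ok() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;
    esac
    have=$(printf '%s' "$1" | sed 's/-//g')
    need=$(printf '%s' "$FIXED_LEVEL" | sed 's/-//g')
    [ "$have" -ge "$need" ]
}

# triage PLATFORM LEVEL: prints a one-word verdict.
triage() {
    if ! soc_listed "$1"; then echo "not-listed"; return 0; fi
    rc=0; patch_ok "$2" || rc=$?
    case $rc in
        0) echo "listed-patched" ;;
        1) echo "listed-unpatched" ;;
        *) echo "listed-unknown-patch" ;;
    esac
}

# Live use (assumption: ro.board.platform reports the chipset model).
if [ "${1:-}" = "--device" ]; then
    triage "$(adb shell getprop ro.board.platform | tr -d '\r')" \
           "$(adb shell getprop ro.build.version.security_patch | tr -d '\r')"
fi
```

Run it with `--device` while the phone is connected with USB debugging enabled. The verdict is only as reliable as the patch level string the firmware reports.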