The problem affects 37% of all smartphones in the world.
The Taiwanese company MediaTek, which manufactures a wide range of chips for smartphones and other IoT devices, has released security updates to eliminate dangerous vulnerabilities that could allow malicious Android applications to record audio and spy on phone owners.
Three issues were fixed in October (CVE-2021-0661, CVE-2021-0662 and CVE-2021-0663), and the fourth (CVE-2021-0673) will receive a fix next month. MediaTek chips contain a special AI processing unit (APU) and an audio signal processor (Digital signal processor, DSP) to improve multimedia performance and reduce processor load. APU and DSP have individual microprocessor architecture, which makes MediaTek DSP a challenging target for cybersecurity research. Experts from Check Point were able to reverse engineer the MediaTek audio processor, identifying several vulnerabilities.
Malicious applications installed on the device can interact with the MediaTek audio driver. Applications can send malicious messages to the MediaTek firmware in order to gain control of the driver, and then use it to eavesdrop on any audio stream passing through the device.
The vulnerabilities prevent attackers from connecting to microphones, but once audio data passes through the MediaTek driver, it can be recorded, including phone calls, WhatsApp calls, browser videos and video players.
To date, MediaTek chips are installed on about 37% of all smartphones in the world, and vulnerabilities represent a huge attack surface for any malicious application and malware developer.
According to representatives of MediaTek, there is currently no evidence that vulnerabilities were exploited in real attacks.