The issue of personal digital security is once again in the spotlight with news that close to a billion Android devices and nearly every iOS device are vulnerable to new operating system (OS) threats.
News of a security threat affecting nearly 900 million Android-powered handsets – including Samsung Galaxy S7 and S7 Edge, LG G5, Nexus 6P and Sony Xperia Z Ultra, among many – came when digital security firm Check Point announced a report detailing the hardware flaws.
Dubbed QuadRooter, the threat is a series of vulnerabilities found in a certain Qualcomm processor that allows an attacker to access and control your device via a malicious app.
For iOS, the normally-secure operating system made news for all the wrong reasons when it was announced that an Israeli security firm had developed a way to hack any iOS device and install spyware, known as Pegasus.
The exploit is now known to affect MacOS users as well.
Complications leave you vulnerable
Device manufacturers are usually swift to issue software updates to patch security flaws, but delays getting these out to users are sometimes encountered. Android users are particularly vulnerable. Even though Google may issue a fix, individual companies can require extra time to issue a branded and/or modified version of the mobile OS.
While a device is affected, malware may be used to harvest personal data and even control it without the user knowing.
Some malware can even mimic the power down procedure of the device, so as to appear switched off while in reality still functioning.
Malicious actors can then use or sell this personal data for the purposes of identity theft, exploit financial systems or worse.
Luckily, there are a few simple steps you can take to ensure your device is not vulnerable to attack.
- Check your Android device with this free app from Check Point.
- Or to check your iOS device, install an app called Lookout.
- Download and install the latest operating system update – this should usually be enough to secure your device.
- To remain secure: delete messages from unknown numbers; use a passcode to lock your handset; and only download apps from Google Play or iTunes Store.
If you get hacked
If you have been compromised and a malicious actor has been mining your personal data, there are ways to recover.
First, change your handset passcode and passwords for services and websites you usually access via your smartphone.
Next, log onto a site like haveibeenpwned or breachalarm and input your email address. These websites aggregate data from breaches released into the public or made for sale on the Deep Web and will check if your details have been published.
If you do have compromised accounts, you can then log onto those account services, such as Adobe or Amazon, and change your login details.
The New Daily takes no responsibility for any loss or damage to hardware or data that results from acting on the information contained in this article.