Checkpoint Research (CPR) discovered vulnerabilities for Android
Apple has made the software open source and the ALAC format has been integrated into many non-Apple audio devices and drivers
Check Point Research (CPR) discovered vulnerabilities in decoders
Check Point Research (CPR) has discovered security vulnerabilities in audio decoders used by Qualcomm and MediaTek, two of the world’s largest chip makers. It’s the threat intelligence department at the checkpoint.
If these flaws are not corrected, it will lead to a remote attack on multimedia files and voice chats. CPR estimates that two-thirds of the world’s smartphones are at risk. According to the investigation, the vulnerable code is based on a code shared by Apple 11 years ago.
This flaw was discovered by the Apple Lossless Audio Codec (ALAC), also known as Apple Lossless. ALAC is an audio coding format developed by Apple Inc. It was first introduced in 2004 to compress digital audio information without data loss. It is worth noting that Apple made the software open source and the ALAC format is integrated into many non-Apple audio devices and drivers, including Android smartphones, as well as Windows and Linux media players and converters.
“We discovered a set of vulnerabilities that could be used for remote execution and privilege granting on two-thirds of the world’s mobile devices. The vulnerabilities were easy to exploit. A cybercriminal could send a song (i.e. a multimedia file) and thus reproduce that by a potential victim, he could have Inject malicious code into the reboot service. A cybercriminal can see what the user has seen,” says Slava McAfeev, a researcher and specialist in reverse engineering and security research at Check Point Research.
“In our proof of concept, we were able to steal a camera stream from a smartphone. What is the most sensitive information we can get on our mobile devices? I think it’s multimedia files: audio and video. An attacker can steal it for through these vulnerabilities.”
It is worth noting that to protect users, CPR researchers recommend updating operating systems regularly, as every month Google releases security updates for Android.
Hackers break into Samsung and steal Galaxy source code
Hackers from the Lapsus group have claimed responsibility for another attack on a technology company, this time Samsung. According to the company, the group was going to escape with the Galaxy Line’s source code. The South Korean company also said the attack would not affect its business or the personal data of its customers.
South American hacker group Lapsus$ has risen to global prominence in recent days after breaking into the systems of Nvidia, a video card developer, and stealing, among emails and other confidential documents, the source code of DSLL, a resource company exclusive tool for optimizing Image quality.
In Brazil, the group became famous after hacking the Ministry of Health system and causing a crash in the ConnectSUS app, allowing Brazilian citizens to access their vaccination information.
At least 200 GB of stolen data has been confirmed. Samsung stated that the stolen source code is being used by the company for encryption functions and biometric unlocking of Galaxy phones. It is not yet known what the criminals intend to do with the data, if they have plans to use any vulnerabilities discovered or if they intend to sell it.
In a note to US publication Bloomberg, Samsung stated:
“There was a security breach related to certain internal company data. According to our initial analysis, the breach includes some source code related to the operation of Galaxy devices, but does not include personal information of our customers or employees. Currently, we do not expect any impact on our business or our customers. We have implemented measures To prevent further incidents of this kind and we will continue to serve our customers without interruption.”