The company Check Point found a vulnerability in the MediaTek processors which enables spy on a device with a simple malicious app. A vulnerability is an open door in the security of the processor that allows, through a virus,access certain parts that should not be available.
Apparently the fault is in the DSP, the person in charge of manage everything that has to do with audio and is an integrated part of the processor. It is here that the vulnerability.
This DSP of the MediaTek chips has a open door (or backdoor) which can be accessed with a simple malicious app. If this application is installed on your mobile, the user who has developed it has the opportunity to activate permissions which you shouldn’t be able to activate. This makes it possible activate certain parts of the system to spy on the user, find compromised data or other details.
The company, through Slava Makkaveev, one of its security researchers, He explained that “these flaws could be used by device manufacturers themselves to create a mass eavesdropping campaign. Although we do not see any concrete evidence of such misuse, we are quick to disclose our findings to MediaTek and Xiaomi. “In addition, They asked that devices be kept up-to-date with security patches to cut through the vulnerability of these chips.
MediaTek is already aware of this problem and appears to have fixed it. The security patch that the company will ship in December will correct this problem and will close the door open. For now, It is advisable not to download insecure applications from the app stores.