Skip to main content
  1. Home
  2. Mobile
  3. News

Wi-Fi exploit can repeatedly duplicate itself and infect wireless devices

By

A man looks on his phone.
ryanking999/123RF
Despite Apple’s and Google’s best efforts to keep our smartphones safe, new vulnerabilities always crop up. Traditionally, they are exclusive to a device, or maybe several versions of a device’s firmware — and hopefully, they are dealt with swiftly. Unfortunately, a new gap has been discovered that transcends operating systems, delivering malware in a way we have not seen before.

The exploit attacks a phone’s Wi-Fi chip and because multiple manufacturers source their wireless equipment from the same company, it can be carried out across devices. Broadcom produces the tech used in some of the market’s top devices, like the Galaxy, Nexus, and iPhone brands. Appropriately, the scheme has been named “Broadpwn,” according to The Guardian.

Recommended Videos

Researcher Nitay Artenstein revealed the flaw at the Black Hat security conference in Las Vegas on Thursday. Fortunately, it has just been patched. If you have updated to the recently released iOS 10.3.3 or Android’s July security fix, your phone is no longer susceptible to the attack.

Related

As for how it works, hackers have been able to take advantage of common flaws found in a number of Broadcom’s chips to write and push code that can directly inhibit a phone’s Wi-Fi capabilities. Through this, they gain full control over the component and can even engineer the malware to self-replicate and automatically move to the next-closest device all on its own.

According to Artenstein, the method requires very little intervention on the part of the hacker. Everything can be carried out remotely, without knowledge of the specific device being targeted. It is so discreet, there is no sign to tip the owner off that they have been infected.

It sounds like a doomsday scenario — especially the self-replicating part — though thankfully the exploit only concerns the Wi-Fi chip and cannot be used to gain access to the device at this time.

While the vulnerability has been patched for users of the newest devices receiving the latest security updates, owners of older hardware will regrettably be left out in the cold. Under Google’s current policy for its own products, like the Pixel, system updates are no longer issued two years after release, while security updates wrap up after three. That is standard practice in the Android industry and unfortunately, the best owners can really hope for. Most manufacturers struggle to get crucial updates out in a timely manner and some never even get around to it.

Editors’ Recommendations

Topics
Adam Ismail
Adam Ismail
Former Digital Trends Contributor
Adam’s obsession with tech began at a young age, with a Sega Dreamcast – and he’s been hooked ever since. Previously…
How to tell if your smartphone has been hacked
Kids playing on a smartphone.

Smartphones have profoundly changed the way people live, communicate with each other, and keep themselves entertained. But like everything else, there's a downside. Corrupt people always want what doesn't belong to them, and devise elaborate criminal methods to get what they want and make everyone else miserable. When thieves hack smartphones, they take more than possessions -- they steal information, money, identity, and -- in some cases -- reputation, all of which can destabilize and endanger the target's health and well-being.

Don't bother expending any effort to identify the hacker. While it's possible to find out who broke into your phone, most of these searches wind up failing. That's because most phone hackers operate on the dark web and behind proxy servers. They specialize in covering their tracks. Most cyberattacks and phone hacks are carried out via malware, anyway, so despite how personal it may feel, mostly it's not personal at all.

Read more
Fortnite finally comes back to Apple devices via GeForce Now
Spider-Man in Fortnite.

Nvidia announced today that it's bringing Fortnite back to Apple platforms with an open beta on Android and iOS devices through its cloud gaming service, Nvidia GeForce Now. This limited-time testing will take place on the Nvidia GeForce Now Android app and the iOS Safari web browser. Note that it's the Apple web browser, not an app.

GeForce Now members can sign up for the open beta before it starts next week. However, there's limited space available, so everyone who signs up won't necessarily receive an invite. Those who want to participate but don't yet have a Nvidia GeForce Now account can sign up for free.

Read more
Pikmin Bloom is more a Nintendo fitness app than a video game
Pikmin gang carrying items and waving

Pikmin Bloom recently released for mobile devices across the world. Nintendo fans weren’t sure what to expect when Pokémon Go developer Niantic announced a new augmented reality game based on Pikmin, the popular franchise starring half-plant, half-animal creatures. While the game takes some inspiration from Pokémon Go, it's a completely different experience that's more akin to a fitness app than an actual game.

Pikmin Bloom Game Overview Trailer

Read more