A researcher has found that Android phones in particular are vulnerable to drive-by Wi-Fi infections. Because of flaws in a widely used Wi-Fi chip, attackers can seize control of mobile devices without any user interaction.
The flaw appears to reside in the Wi-Fi chipset made by Broadcom, which is used in both Google’s Android and Apple’s iOS devices. Apple patched the vulnerability in its last update, leaving only Android phones exposed. The vulnerability results from a lack of basic exploit mitigations such as stack cookies, safe unlinking and access permission protection. Access permission protection can be enforced with a Memory Protection Unit (MPU), which the chip does have. But its MPU is not implemented correctly, leaving memory not just readable but also open to modification and to malware execution directly within the hardware and, subsequently, the device it’s installed in.
Google will likely release a patch in its next update, but details of this are hazy and the author of the original article was unable to get a comment from the company. So for the time being, as with so many things, it’s best for users to remain wary and check their phones regularly for any irregular activity.