But, as with everything, you get what you pay for. A recently discovered vulnerability in many budget Chinese phones that could allow an attacker to gain root access confirms this mod. Here’s what you need to know.
Understanding the Attack
The MT6582 shipped with a debug setting enabled, which the manufacturer says was used to test «telecom interoperability» in China.
While MediaTek was necessary to actually design the chip and ensure it works properly, leaving it on a consumer device poses an incredible security risk to consumers. What for? Because it allows an attacker or malware to gain root access to the phone .
This will allow them to change and delete important system files and settings, spy on the user, and install even more malware without the user’s consent. If an attacker wants to, they can even lock the phone, rendering it useless.
According to The Register, this vulnerability can only be executed on phones running version 4.4 KitKat of the Android operating system.
This vulnerability affected almost all Linux distributions, as well as many Android phones. Luckily, a fix was released quickly.
put down the pitchfork
While phones from Lenovo and Huawei have been particularly hard hit, they are not to be blamed. While this may seem attractive, given that some of these manufacturers have a history of security-related violations.
But here their hands are clean. One day. The blame lies squarely on MediaTek’s doorstep, which shipped these chips to manufacturers with customization enabled.