IT Security Outsourced IT

Eavesdropping Smartphones

What are Eavesdropping Smartphones?

MediaTek is a Taiwanese company that manufactures chips for smartphones and other smart devices that are used by roughly one third of the world’s smartphones, and 43% of all Android devices. Security updates recently addressed serious vulnerabilities that could allow malicious Android apps to record audio and spy on users. Prior to those updates, smartphones and smart devices with MediaTek chips were accessible by cyberattackers. In order to gain access to devices, cyberattackers would need to install malware onto targeted devices, or to find alternate means of access the MediaTek audio firmware1. The malicious app installed on the device could then interact with the MediaTek audio driver and they could send malicious code to the device memory in MediaTek firmware where they could gain control over the driver. Once the cyberattacker has control over the driver, they can then intercept the audio flow on the device, enabling eavesdropping.

Four distinct vulnerabilities were discovered and patched. Some of the devices known to use MediaTek chips are from Xiaomi, Oppo, Realme, and Vivo. All four of the discovered vulnerabilities affect the digital signal processor, with the impacting the processor’s firmware and the fourth vulnerability impacted the hardware abstraction layer. The issues stemmed from a set of faulty configuration settings which here implemented for debugging purposes.

While this particular vulnerability was related specifically to the chips manufactured by MediaTek, there are other means for cyberattackers to eavesdrop on your smartphone or other smart devices. Spyware tools are apps, software programs, and devices that allow another person to secretly monitor and record information about your phone activity including photos and videos you take, websites you visit, text messages, call logs, and your location. Spyware installed on rooted phones (Android) or jailbroken phones (iPhone) can allow someone to turn on microphones or webcams, take screenshots, see third-party app activity (Snapchat, WhatsApp, etc.), as well as intercept, forward, and record phone calls. Spyware is often installed by someone who physically accesses your device, and once it is installed it runs in stealth mode without any notifications or identifying activity alerting you to its presence2. In order to access your phone activity, the person monitoring your device signs into a website or app on a different device.

Detecting spyware can be challenging. Some signs that your device may have spyware include:

  • Battery draining rapidly
  • Device turning on and off
  • Spikes in data usage
  • Someone you know seems to know too much about your phone activity

Respond to spyware by:

  • Collecting evidence in case this leads to a criminal or civil legal action
  • Removing spyware- factory reset, manually add apps and software, creating new accounts
  • Changing passwords on accounts and applications
  • Prevent spyware by:
  • Locking your devices
  • Using anti-virus and anti-spyware solutions
  • Using security features on your devices that prevent installations from unknown sources
  • Do not root phones (Android) or jailbreak phones (iPhone)

1 Cimpanu, 2021, “Eavesdropping bug impacts roughly a third of the world’s smartphones”

2 Technology Safety, 2021, “Spyware and Stalkerware: Phone Surveillance & Safety for Survivors”