A Broadcom chip flaw found and demoed by Exodus Intelligence’s Nitay Artenstein exposed a potential critical threat to 1 billion Android and iOS smartphones. This exploit was possible due to a specific Broadcom Wi-Fi chip bug that let the hacker gain remote execution access on smartphones. Fortunately, before this could happen, Google and Apple both have fixed the bug. The Wi-Fi chip is vulnerable to a self-replicating attack, which could spread infect and spread without any user interaction.
Ars Technica reports that this vulnerability was found in the BCM43xx family of Wi-Fi chips manufactured by Broadcom. Artenstein demoed a proof-of-concept attack code that took advantage of the vulnerability at the Black Hat security conference in Las Vegas recently. This code reportedly fills airwaves with connection requests to nearby devices, and when the request reaches the specified Wi-Fi chipsets’ devices particularly; it rewrites the firmware controlling the chip. Then, the compromised chip sends malicious packets to other exploitable devices, creating a domino effect of sorts. Artenstein has dubbed this bug as ‘Broadpwn’, and this vulnerable chip resides in almost 1 billion smartphones in the market, as mentioned before.
The report states that Artenstein got in touch with Google and Apple both to make them aware about this bug, and Google released a patch early in July to prevent any sort of ripple effect to start. Apple also released a fix two weeks ago as well, preventing a potential self-replicating attack to spread to a large number of devices.
“This research is an attempt to demonstrate what such an attack, and such a…