Android-powered smartphones may be at risk from a “undetectable” Qualcomm software flaw that has left users’ text messages and call histories open to hackers, according to Web reports.
The reports say that when Qualcomm introduced new APIs as part of the Android network manager system service, vulnerable phones were connected to the “netd” daemon, which allows an attacker to perform tasks such as viewing a user’s SMS database and phone history.
Those most at risk are said to be the 34 percent of Android users running versions 4.3 and earlier, as they lack a feature called Security Enhancements for Android (SEAndroid) and probably will remain unpatched.
A Qualcomm spokesperson last week said the company hasn’t seen any evidence that the vulnerability has so far been exploited.
