Mobile Security

Kryptowire Identifies Security Vulnerability in Mobile Chipset

Vulnerability enables outside access to user data, camera function, system logs, and device management 

Kryptowire Inc., a mobile security and privacy solutions company, today announced that they have identified a critical security and privacy vulnerability affecting mobile devices with UNISOC, China’s largest designer of chips for mobile phones. The vulnerability within the chipset, if exploited, allows malicious actors to take control over user data and device functionality. 

Specifically, the vulnerability allows intruders to access call and system logs, text messages, contacts, and other private data, video record the device’s screen or use the external-facing camera to record video, or even take control of the device remotely, altering or wiping data. Adhering to its disclosure policy, Kryptowire notified affected device manufacturers and carriers, as well as UNISOC, of the vulnerability in December 2021.

“In an increasingly competitive mobile device market, it’s imperative that device manufacturers establish and maintain trust among carriers and end users,” Alex Lisle, Chief Technical Officer, Kryptowire. “Kryptowire’s core technology, which provides rapid, automatic vulnerability scanning without intrusion into end user data, helps stakeholders find and remediate critical security and privacy gaps faster and more efficiently, increasing confidence in the face of complex security challenges.” 

Mobile device and operating system (iOS and Android) use has increased rapidly in the pandemic era, especially as more exchanges, transactions, and communications go “mobile-first.” This combined with the new found risks in the supply-chain has resulted in oversights and security flaws. Accordingly, businesses need AI enabled cloud-based mobile security solutions that not only safeguard mobile devices from bad actors, but also provide intrusion-free protection to its end users. In 2021 alone, Kryptowire scanned over 3 billion lines of code across 70,000 applications, discovering over 500 vulnerabilities affecting approximately 2 billion devices. 

Founded in 2011, Kryptowire developed and launched its Mobile Application Security Testing (MAST) service, leveraging its military-grade proprietary analysis engine. This AI enabled cloud-based service gives organizations the ability to automatically scan mobile content for security, privacy, and compliance issues without accessing source code. This saves time, reduces human resource burdens, and preserves end user privacy.

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.

Related posts

Global Mobile Threat Report 2023: Zimperium

PR Newswire

SessionGuardian enables unprecedented mobile security innovation

PR Newswire

Licel joins Grow London Global Programme for growth opportunities

PR Newswire