Mobile
Cybersecurity

Nasty bug allows hackers to take over many Android phones. Here's what you can do.

There's no official fix for most devices, but there's a workaround.
By Stan Schroeder  on 
Samsung Galaxy S22
Samsung Galaxy S22 is one of the affected devices, but only the variants with an Exynos chipset are vulnerable. Credit: Samsung

As bugs go, it doesn't get any worse than this: A newly found vulnerability in Samsung's Exynos modems allows hackers to take over phones without any intervention from the phone's owners.

Google Project Zero(opens in a new tab) found a total of 18 zero-day vulnerabilities in Samsung's Exynos modems in late 2022 and early 2023. Four of those allow the hackers to remotely compromise the users's phone, and only require that they know the victim's phone number. Google claims that skilled attackers might be able to "quickly create an operational exploit to compromise affected devices silently and remotely."

The list of phones that are vulnerable is quite long: Samsung S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series, Google Pixel 6 and Pixel 7 series, and Vivo S16, S15, S6, X70, X60 and X30 series.

Additionally, any wearables that use the Exynos W920 chipset (these include the Galaxy Watch 4 and 5, for example), and any vehicles that use the Exynos Auto T5123 chipset are vulnerable too.

The silver lining for Samsung Galaxy S22 owners is that phones from that series that are sold in the U.S. have a Qualcomm chipset instead of Samsung's Exynos chipset, and are therefore not vulnerable. Galaxy S22 owners in Europe aren't so lucky. Also, Google fixed the vulnerability on Pixel 7 phones with its March 2023 security patch, though 9to5Google(opens in a new tab) notes that the Pixel 6, Pixel 6 Pro, and Pixel 6a are still vulnerable.

Fortunately, there is a way for users to temporarily remedy the issue by turning off Wi-Fi calling and Voice-over-LTE in their device's settings. This might result in slightly lower voice call quality, but it at least means your phone is safe until an official patch is available.

More in Cybersecurity

Stan is a Senior Editor at Mashable, where he has worked since 2007. He's got more battery-powered gadgets and band t-shirts than you. He writes about the next groundbreaking thing. Typically, this is a phone, a coin, or a car. His ultimate goal is to know something about everything.


Recommended For You

Ali Wong breaks down one of her character's most moving moments in 'Beef'

Google is giving early access to its AI assistant to Pixel Superfans

Xiaomi 13 Ultra has four 50-megapixel cameras


More in Tech
Google Bard introduces new features for generating and debugging code

Why you should consider going green with your gadgets this Earth Day and every day
By Mashable BrandX and HP

Rihanna, Taylor Swift among the few celebrities paying Twitter to keep their blue checkmarks

Avast show us what to expect In 2023 and how to stay safe


Trending on Mashable

'Wordle' today: Here's the answer, hints for April 21

Dril and other Twitter power users begin campaign to 'Block the Blue' paid checkmarks

How to remove Snapchat's My AI from your Chat feed

The biggest stories of the day delivered to your inbox.
By signing up to the Mashable newsletter you agree to receive electronic communications from Mashable that may sometimes include advertisements or sponsored content.
Thanks for signing up. See you at your inbox!