Skip to main content
  1. Home
  2. Phones
  3. Mobile
  4. News

Wi-Fi exploit can repeatedly duplicate itself and infect wireless devices

By
Add as a preferred source on Google

Despite Apple’s and Google’s best efforts to keep our smartphones safe, new vulnerabilities always crop up. Traditionally, they are exclusive to a device, or maybe several versions of a device’s firmware — and hopefully, they are dealt with swiftly. Unfortunately, a new gap has been discovered that transcends operating systems, delivering malware in a way we have not seen before.

The exploit attacks a phone’s Wi-Fi chip and because multiple manufacturers source their wireless equipment from the same company, it can be carried out across devices. Broadcom produces the tech used in some of the market’s top devices, like the Galaxy, Nexus, and iPhone brands. Appropriately, the scheme has been named “Broadpwn,” according to The Guardian.

Recommended Videos

Researcher Nitay Artenstein revealed the flaw at the Black Hat security conference in Las Vegas on Thursday. Fortunately, it has just been patched. If you have updated to the recently released iOS 10.3.3 or Android’s July security fix, your phone is no longer susceptible to the attack.

As for how it works, hackers have been able to take advantage of common flaws found in a number of Broadcom’s chips to write and push code that can directly inhibit a phone’s Wi-Fi capabilities. Through this, they gain full control over the component and can even engineer the malware to self-replicate and automatically move to the next-closest device all on its own.

According to Artenstein, the method requires very little intervention on the part of the hacker. Everything can be carried out remotely, without knowledge of the specific device being targeted. It is so discreet, there is no sign to tip the owner off that they have been infected.

It sounds like a doomsday scenario — especially the self-replicating part — though thankfully the exploit only concerns the Wi-Fi chip and cannot be used to gain access to the device at this time.

While the vulnerability has been patched for users of the newest devices receiving the latest security updates, owners of older hardware will regrettably be left out in the cold. Under Google’s current policy for its own products, like the Pixel, system updates are no longer issued two years after release, while security updates wrap up after three. That is standard practice in the Android industry and unfortunately, the best owners can really hope for. Most manufacturers struggle to get crucial updates out in a timely manner and some never even get around to it.

Adam Ismail
Adam Ismail
Former Contributor
Adam’s obsession with tech began at a young age, with a Sega Dreamcast – and he’s been hooked ever since. Previously…
Topics
The Galaxy Z Fold 8 Wide leaked in case listings, and the design shift is more dramatic than I expected
The Fold 8 Wide's case doesn't just hint at a wider phone. It hints at Samsung rethinking what a foldable is actually supposed to feel like to use.
Samsung Galaxy Z WideFold

Samsung’s purported Galaxy Z Fold 8 Wide is still months away from its expected debut, but the phone’s case makers apparently couldn’t wait. 

Earlier today, trusted tipster Ice Universe (on X) posted pictures of third-party protective cases for the Fold 8 Wide, which are already listed on Alibaba (a Chinese e-commerce platform).

Read more
Fake stalking apps racked million of downloads. It says a lot about Google’s security and us
I Spy Podcast

There is no app that lets you pull up someone else's call history. There never has been, and there almost certainly never will be — carriers don't expose that data, and no third-party developer has the access required to retrieve it. This is not a grey area; it is simply not possible. And yet, 7.3 million people, according to welivesecurity have downloaded apps that claimed to do exactly that.

Security researchers at ESET spent months untangling a sprawling family of 28 fraudulent Android apps they collectively dubbed CallPhantom — apps that promised users a window into anyone's phone activity: call logs, SMS records, even WhatsApp history. Enter a number, pay a small fee, and the secrets of whoever you were looking up would supposedly come spilling out. What actually came out was fiction — random phone numbers dressed up with hardcoded names and timestamps, generated by the app itself, designed to look just convincing enough to seem real. The payoff is that users only saw this fake data after they'd already paid. That sequencing wasn't accidental.

Read more
This could be the final form of the iPhone 18 Pro, and it’s expectedly boring
Electronics, Speaker, Phone

We’re already in May, which means the next big iPhone season is slowly getting closer. In just a few months, iPhone 18 Pro will finally step into the spotlight, and I can’t deny it, I still get excited every year when a new iPhone launch approaches. There’s something fun about the buildup, the leaks, the keynote anticipation, and all the speculation that comes with it.

But recently, a new video from Jon Prosser at Front Page Tech gave us what could be an early look at the upcoming Pro model, and honestly, it left me a little underwhelmed. If these renders are even somewhat accurate, the phone feels way too familiar. It does not look bad or unattractive; it just looks safe in a way that makes it hard to feel excited about. At first glance, it barely feels like a new-generation iPhone at all.

Read more