Nexus 6 And Nexus 6P Modem Exploit Patched By Google

By Edwin Kee
Nexus 6P
Android 7.0 updates are available for the Nexus 6P. XXxWikipedianxXx/ Wikipedia

While modern day smartphones are able to do so much more than their feature phone counterparts of yore, there is a potential downside to it all -- a security breach could happen anytime due to exploits discovered in the software. Well, this is exactly what happened when security researchers picked up an exploit in the Nexus 6 and Nexus 6P smartphones which hail from Google’s stable. This particular exploit enabled hackers to take control of the respective devices’ modem, and thankfully, it has been patched on the quiet without raising any attention to such a particular exploit. Imagine if news of the exploit got around before a patch was introduced -- many would have experienced some sort of data loss or even identity theft.

Interestingly enough, the Nexus 6 which was manufactured by the folks at Motorola (also known as the Nexus X), was patched up in November last year, while the Huawei-manufactured Nexus 6P received a similar patch just at the turn of the new year. As for the security research team that managed to discover this exploit, hats off to IBM’s X-Force.

X-Force managed to find a flaw after zeroing in on the bootmode of the Nexus handsets. This particular flaw opened up the possibility of those with malicious intent, or attackers, to make use of USB access in those devices to hijack the modem when the smartphone boots up. Of course, the vulnerable devices will first need to have the Android Debug Bridge (ADB) enabled. Normally, this mode will only be activated by app developers in order for them to load APKs on Android smartphones. The X-Force team claims that there are also ways to get around this, that is, activating ADB despite it being disabled on the handset in the first place.

Should the attackers gain success with their modus operandi, then they are able to gain much control of the Nexus 6 or 6P: including making phone calls to others, or perhaps to retrieve call information (unlawfully, of course) from the handset itself, right down to hunting down the handset’s exact GPS coordinates. Hence, it is nice to hear that this potentially destructive exploit has been fully patched and fixed before news of it headed out to the Internet where hackers with malicious intent are able to take advantage of the situation.

It always pays to make sure that your smartphone is updated with the latest version of the operating system and security updates, as you can never quite tell as to when there might be a risk of something like this happening without you realizing it. Unfortunately, this particular security fix has not quite managed to pinpoint the reason for the sudden shutting down of the Nexus 6P despite having more than a reasonable level of battery life. Hence, that is one more issue about the Nexus 6P (and Google’s latest Pixel and Pixel XL smartphones too, have been affected by this strange malaise) that ought to be fixed nice and proper with the next Android Nougat operating system update.