High-severity Qualcomm bug hits Android devices in targeted attacks

[YellowSwap]

Out of 235 Qualcomm Chipsets that are in existing right now, 234 of them are at risk of getting exploited right now.

Google has confirmed that there is a big flaw in Qualcomm component that has been exploited, the vulnerability is called integer overflow that leads to memory corruption which allows local attacker to bypass security controls and gain unauthorized system control.

This is just been detected in march 2026 and this CVE version is CVE-2026-21385
If you are using Qualcomm device I advice you be very careful, look out for update version from OS and make sure your device is up to date.

Read more 👉🏻 https://www.malwarebytes.com/blog/news/2026/03/high-severity-qualcomm-bug-hits-android-devices-in-targeted-attacks

This could be one of those unexplained ways that crypto wallets got drained, who knows?
Keep small money only on android crypto wallets always, safe up for airgapped hardware wallet if you haven't.

[Stalker22]

Yeah!  This is a scary one because thats in almost every Android phone out there.  Its a good reminder that our phones are amazing devices, but not really secure storage for our crypto.  Moving it to an air-gapped hardware wallet is the best way to be 100% sure a phone bug cant touch it.

[Zaguru12]

This could be one of those unexplained ways that crypto wallets got drained, who knows?
Keep small money only on android crypto wallets always, safe up for airgapped hardware wallet if you haven't.

There is no indication of it targeting anything crypto wallet but certainly this are malwares that can even be easily used to even control your clipboard, just like copy and paste scammer where the hackers address is mistakenly the one been pasted even though you copied your own address. This is also a warning to those who use hot wallets.

Most importantly this is to those who use their mobile phones or other online tools to as safe for their seed phrases you can easily lose them through malwares like this.

[Mitchell]

I've updated the topic title to actually reflect the contents of this topic.

[suzanne5223]

Out of 235 Qualcomm Chipsets that are in existing right now, 234 of them are at risk of getting exploited right now.

The affected chipsets were all the 235 Qualcomm, not 234, due to an exploited zero-day vulnerability: CVE-2026-21385.
According to what i read, it is better for everyone who is using the Qualcomm chipsets to update their device to the latest version.

This could be one of those unexplained ways that crypto wallets got drained, who knows?
Keep small money only on android crypto wallets always, safe up for airgapped hardware wallet if you haven't.

It could be. Although todays vunerability was all about Android but that doesnt mean Iphone device are safe becaus every mobile wallet are vunerable to attack right from the get-go.

[coupable]

Simple questions from ordinary users who are not into techical details:

Is this a loophole in hardware that can be exploited to gain access to iser private date and personal files?

Does the hackers have access to wallet apps without the need for the seed or the password or the screen lock password in android devices?

What about computers? Which computers/laptops use Qualcomm and can be considered potentially at risk to be targeted?

Is it enough secure to update the device system to the latest version?

How to secure our devices from similar attacks possibilities in the future if the hardware can be vulnerable to loopholes?

[The Cryptovator]

This could be one of those unexplained ways that crypto wallets got drained, who knows?
Keep small money only on android crypto wallets always, safe up for airgapped hardware wallet if you haven't.

If hackers/attackers get control of the device, then it's pretty easy for them to drain the wallet, whether it's a web wallet or a non-custodial wallet. Anything isn't fully safe on a mobile device that's been used online regularly. Because on our regular phones we have to use various apps, from which anytime our device could be compromised in various ways. So the safest way is an air-gapped wallet or a hardware wallet. I often prefer to use a hardware wallet for storing our funds.

We have to keep in mind an even exchange of funds would be drained if all the 2FA is set on the same phone, like Google or mobile 2FA. So when you are sleeping and the device is controlled by attackers, they could do anything with that. So you have to avoid using mobile device or computer 2FA on the same device. Must need to focus on hardware wallets or air-gapped wallets.

[coinlary]

While it affects chipsets that uses Qualcomm graphics / display components, victim still need to install malicious apps  and likes that are capable of carrying out the attacks through various forms.

This means that if an attacker can get a malicious app or local code onto the device, they can feed specially crafted data into the graphics component’s driver and corrupt memory in a controlled way. In practice, a bug like this is a good candidate for turning a normal app’s limited access into something much more powerful, like using it as a building block in a chain of exploits to escalate privileges or to escape a sandbox.

As you can see, the attacker needs some kind of local foothold first, such as getting you to install a malicious app, exploiting another vulnerability, or abusing a compromised app already on the device.

Fine, a mobile device isn't a good choice for holding a huge sum, but this brings us back to the same rule. Stop installing unnecessary apps on your mobile device. As long as you're careful about what you click or download on your mobile device and keep the version up to date, it's quite safe for the small amounts you will be holding that are necessary for quick and emergency usage.

[Outhue]

Simple questions from ordinary users who are not into techical details:

Is this a loophole in hardware that can be exploited to gain access to iser private date and personal files?

Does the hackers have access to wallet apps without the need for the seed or the password or the screen lock password in android devices?

What about computers? Which computers/laptops use Qualcomm and can be considered potentially at risk to be targeted?

Is it enough secure to update the device system to the latest version?

How to secure our devices from similar attacks possibilities in the future if the hardware can be vulnerable to loopholes?

I am not sure as well since I am not into stealing and hacking but there are many things that's possible on Android phones that do compromise it's data of any apk file that's installed.

I remember when we used to edit . registry using another apk file and also data files are accessible using the right file manager with root access, but since this is a vulnerability root access isn't needed.



See the screenshot up above? I remember how possible it was to tamper with premium apps and make them turn free, just by copy pasting some registry files into the data folder.

Who remember how easily it was to hack Obb files of premium android games back in the days?

Here is another screenshot showing how easier it is to access backup and database files using mere file manager and you are still doubting how it's not possible to tamper with crypto wallet files?



Don't forget that crypto wallets are in apk format, after installation is complete, the database is available on the Android inbuilt memory, yes vulnerable in the Qualcomm Chipsets itself will make things possible, it was how xbox360 and PlayStation 4 were able to get jailbroken that everything including datas are accessible.

[Pmalek]

Even though the bug is severe, it still requires that you download and install a malicious app that includes the code to abuse this vulnerability. Average smartphone users wouldn't be affected by this, especially those careful with what they install on their devices. High-value targets with much to lose and who are willing to experiment and try out all sorts of software are more likely to run into something nasty that takes advantage of this bug or anything else that we might still not know about.

[NotATether]

Yay, more problems for me to deal with!

Seriously though, this kind of bug is stupid. You can't be having this kind of supply chain vulnerability in Android, because almost everybody is using Qualcomm. And due to the nature of phones, you can't harden your device like you can with say an Intel desktop or laptop if Intel were to have a vulnerability in the chipset, meaning the blast radius is wide open.

And yet there are still wallets which insist on having mobile-only and Chrome extension versions! The solution cannot be just "Use iPhone".

[ABCbits]

This could be one of those unexplained ways that crypto wallets got drained, who knows?
Keep small money only on android crypto wallets always, safe up for airgapped hardware wallet if you haven't.

There is no indication of it targeting anything crypto wallet but certainly this are malwares that can even be easily used to even control your clipboard, just like copy and paste scammer where the hackers address is mistakenly the one been pasted even though you copied your own address. This is also a warning to those who use hot wallets.

Most importantly this is to those who use their mobile phones or other online tools to as safe for their seed phrases you can easily lose them through malwares like this.

The news only talk about vulnerability, rather than specific malware. It's possible someone will create malware that exploit this vulnerability.

This means that if an attacker can get a malicious app or local code onto the device, they can feed specially crafted data into the graphics component’s driver and corrupt memory in a controlled way. In practice, a bug like this is a good candidate for turning a normal app’s limited access into something much more powerful, like using it as a building block in a chain of exploits to escalate privileges or to escape a sandbox.

They may fool some people since their malicious app doesn't ask much permission, without knowing the app would use this vulnerability to have more/full access to the device.

[YellowSwap]

I've updated the topic title to actually reflect the contents of this topic.

I thought as much😩

At first I thought I was been hacked or something, I was about to cream out loud lol.

Thanks for the appropriate topic moderator, guess I have to work more on how to name my topics.

[TypoTonic]

If you are using Qualcomm device I advice you be very careful, look out for update version from OS and make sure your device is up to date.

Had to check my phone immediately, good thing it was using a different processor. Phew.

Is it enough secure to update the device system to the latest version?

How to secure our devices from similar attacks possibilities in the future if the hardware can be vulnerable to loopholes?

As much as possible, don't store any sensitive information on your phone. It's always recommended to keep your device updated, but there are also other safety precautions included in the article. TL;DR: Just refrain from downloading apps outside the official stores and you'd be fine. You should also check the app permissions and deny any unnecessary access, especially when it comes to storage.

[PrivacyG]

This could be one of those unexplained ways that crypto wallets got drained, who knows?
Keep small money only on android crypto wallets always, safe up for airgapped hardware wallet if you haven't.

Or.  Stop wasting time and set up your own Airgapped Computer until you get to save up.  At least you would keep your Bitcoin in a Safe place until then.

-----

If you are using Qualcomm device I advice you be very careful, look out for update version from OS and make sure your device is up to date.

Had to check my phone immediately, good thing it was using a different processor. Phew.

That does not mean you are not a potential victim.  There are always vulnerabilities to find.  Maybe yours has an even worse one that has not even been found or announced yet.  If you have any valuable Assets on your phone, it is time to move them and to make this a habit of not storing a lot of value on your phone.

[coupable]

Is it enough secure to update the device system to the latest version?

How to secure our devices from similar attacks possibilities in the future if the hardware can be vulnerable to loopholes?

As much as possible, don't store any sensitive information on your phone. It's always recommended to keep your device updated, but there are also other safety precautions included in the article. TL;DR: Just refrain from downloading apps outside the official stores and you'd be fine. You should also check the app permissions and deny any unnecessary access, especially when it comes to storage.

Thank you for the detailed response. Just to note that the link in your post seems broken. It opens then white screen.
I would also to know your opinion about other devices using Qualcomm. From what I have found by searching online, there are some computer brands using Qualcomm. Is the latest news are only concerning android devices or it can be generalized to all devices using Qualcomm.

[dkbit98]

Don't expect to get any real security and privacy from 99% of so called s.m.a.r.t. phones (Self-Monitoring-Analysis-Reporting-Technology).
Most of the stuff you type or write on phones gets reported somewhere, and then we have bunch of hidden bugs and backdoor access.
Honestly, modern phone devices are a nightmare, especially if you have a bunch of bitcoin wallets and payment apps.
Maybe new Motorola phones with GrapheneOS will be slightly better, at least I hope...