LIKE US

Liked us?

Wednesday, 12 August 2015

Android Stagefright Bug : 1 BILLION ANDROID CAN BE HACKED WITH JUST 1 TEXT




Android Stagefright Bug : 1 BILLION ANDROID CAN BE HACKED WITH JUST 1 TEXT


Android Stagefright Bug

“Stagefright” is one of the worst Android vulnerabilities to date.”

Next  time you give your mobile number to anyone think twice. You may get into  Stagefright trap.

What is is Stagefright?

Stagefright is an exploit that capitalises on vulnerabilities within the software that Google's Android OS uses to process, play and record multimedia files.

The vulnerability can be initiated through the sending of a simple picture message, and it can also make its way onto a device simply by landing on a webpage containing affected embedded video content.

Once an Android device has been infected by Stagefright, a hacker can remotely access the device's microphone, camera, and external storage. In come cases, they can even gain root access to the device.

Attackers only need your mobile number, using which they can remotely execute code via a specially crafted media file delivered via MMS (text message),” Zimperium Mobile Security said in a blog post.


“A fully weaponized successful attack could even delete the message before you see it. You will only see the notification.”

Android code dubbed “Stagefright” was at the heart of the problem, according to Zimperium.

Stagefright automatically pre-loads video snippets attached to text messages to spare recipients from the annoyance of waiting to view clips.

Hackers can hide malicious code in video files and it will be unleashed even if the smartphone user never opens it or reads the message, according to research by Zimperium’s Joshua Drake.

“The targets for this kind of attack can be anyone,” the cyber security firm said, referring to Stagefright as the worst Android flaw discovered to date.

“These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited.”

What's Google doing for Stagefright right now?

Fortunately, Google has known about Stagefright for some time. Drake let the company know about it back in April, as well as providing the search giant with a patch of his own making.

Google, for its part, instantly applied the fix to its Android code base. The trouble is, as every Android fan knows, it takes an absolute age for updates to make their way to the entire Android ecosystem - hence that 95 percent vulnerability figure listed above.

This is down to the fact that, despite creating Android, Google isn't responsible for the rollout of core updates to the vast majority of the Android smartphones on the market. That's down to the manufacturers and the network operators they work with.

Google has been able to provide a fix to all Nexus devices from the Nexus 4 onwards, and will continue to send out monthly security updates from now on.

LG and Samsung have followed in line, pledging to work with network operators to implement updates that will eradicate the Stagefright exploit.

Motorola, too, has revealed that it will be updating its entire modern range (so effectively from the first generation Moto X era onwards), with carriers set to receive the files for testing from August 10.

What You need to do to be protected from Stagefright?

While you'll have to sit and nervously wait for your manufacturer and operator to collaborate on a fix, you can determine whether your Android device is vulnerable or whether it's susceptible right now.

Just download the free Stagefright Detector App by Zimperium (the security company Joshua Drake works for) from the Google Play Store.

Stagefright Detector App

Once you've run the test (it takes seconds), you'll probably discover that your phone is vulnerable, with a message like the one above. Note: this doesn't mean that you phone has been infected, so don't panic!

If your phone is vulnerable, and you use Hangouts as your main messaging app, go into Settings>SMS and disable the 'Auto Retrieve MMS' option.

If you use a different messaging app for such things, double check that no such similar option exists or has been selected. Samsung's default Messages app also automatically retrieves MMS messages by default, for example.

Regardless of your chosen messaging app, don't open any picture messages from unknown sources. Delete them straight away, without entering them.



5 comments:

  1. Somebody Sometimes with visits your online journal routinely and prescribed it as far as I can tell to peruse also. The method for composing is brilliant furthermore the substance is first rate. A debt of gratitude is in order for that knowledge you give the perusers! FtiOS Download

    ReplyDelete
  2. This is exceedingly informatics, fresh and clear. I believe that everything has been portrayed in methodical way with the goal that peruser could get most extreme data and realize numerous things. Tinyumbrella Windows

    ReplyDelete
  3. Great data on your website, thank you for setting aside an ideal opportunity to impart to us. Stunning knowledge you have on this present, it's pleasant to discover a site that points of interest such a great amount of data about distinctive specialists. TutuHelper Download

    ReplyDelete
  4. Amazing, this is truly fascinating perusing. I am happy I discovered this and got the opportunity to peruse it. Awesome employment on this substance. I like it. FlekStore Download

    ReplyDelete
  5. Awesome great design really i like this model.
    handmade jewelry websites

    ReplyDelete

Comment here...

Don't You Think this Awesome Post should be shared ??
| Android Stagefright Bug : 1 BILLION ANDROID CAN BE HACKED WITH JUST 1 TEXT |