Stagefright Vulnerability And Must-Know

bytegeeks

Geek
Pinoy Techie
Your Android phone can be hacked without your knowledge with just a Text/Multimedia Message. Is it not shocking and scary? All this happens only with the help of worst Stagefright vulnerability.

Let me describe you in brief: What is stagefright vulnerability?

If you’re an Android device user then you must be aware from it because your Android device can be hacked by a simple message.

Security researchers have found a new bug in android platform that can give hacker to full control of your android device just by sending a text or multimedia message.

Any android device running version 2.2 to 5.1.1 (included KitKat and latest version lollipop) of operating system, are vulnerable to a this bug. It can monitor all your activities, steal sensitive information without doing anything.

But How?

Mobile security firm Zimperium warned that nearly 950 Million Android phones can be hijacked by sending a simple text message. For this only hackers need your mobile number to send a malicious message in text or multimedia form.

According to Zimperium researcher Jousha Drake – These vulnerabilities are hidden in a core Android component known as “stagefright”.

This multimedia playback library is written in native code (C++) that’s more prone to memory corruption than memory safe programming codes like Java. It’s used in Android to process record and play multimedia files.

There are multiple ways to execute this bug and the worst is that it requires no user interaction, just only a user’s 10 digit mobile number. Which, to be frank with you, is sufficient to Game Over!

Hackers first send you a specially crafted MMS that’s mostly in .mp4 format. Sometimes, they could delete this message before user sees it.

When the .mp4 format message gets downloaded, hackers will able to execute malicious code on your android device.

“These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited”

wrote Zimperium team in a blog post.

Your device could be Trojan infected while you sleep because it doesn’t need to click on any link or open any files, just an automatically downloading media files.

Now they’re able to access ALL your information including private photos, videos, contacts, bank information, and all of whatever they want.


To avoid stagefright vulnerability triggered to your phone- turn off auto-retrieval option and don’t download any unknown media files.
You can remove and protect your Android Devices from stagefright attacks by downloading this tool from the Google play store

Download Stagefright Bug Detector From Google Play!
 

Similar threads


Latest posts

Top Bottom