News

Android Bug can Hack your Phone as You Sleep

Android Bug can Hack your Phone as You Sleep

All it takes is one text message or an MMS to your Android phone as you sleep and hackers can access everything on your device even before you realize it.

A bizarre and dangerous bug that affects nearly up to 95 percent Android devices, ‘ Stagefright’ was first discovered by US information security company Zimpherium who informed Google about the security flaw. In a statement, Zimpherium’s Z team said, “Built on tens of gigabytes of source code from the Android Open Source Project (AOSP), the leading smartphone operating system carries a scary code in its heart. Named Stagefright, it is a media library that processes several popular media formats. … [Drake] discovered what we believe to be the worst Android vulnerabilities discovered to date …. multiple remote code execution vulnerabilities that can be exploited using various methods, the worst of which requires no user-interaction.”

The flaw was discovered by Joshua Drake from Zimperium zLabs inside the source code for AOSP, the Android Open Source Project. The issue will be put forward at the at next week’s Black Hat security conference in Las Vegas. According to Drake, “Android and derivative devices after and including version 2.2 are vulnerable. Devices running Android versions prior to Jelly Bean (roughly 11% of devices) are at the worst risk due to inadequate exploit mitigations.”

So how does Stagefright work? If the attacker has your mobile number, they can remotely send a code through a special media file sent via MMS to invoke an Android service called Stagefright. The message could even be deleted before you see it. The receiver does not have to click on the message or do anything to allow the hack to work. Just the fact that the message is delivered to your device is enough to hack your phone with a Trojan.

Since then Google issued a statement saying it had patched the problem but the patch cannot take effect till millions of phones are put through a software update distributed by hardware manufacturers and mobile operators.

In its statement Google said, “We thank Joshua Drake for his contributions. The security of Android users is extremely important to us and so we responded quickly and patches have already been provided to partners that can be applied to any device. Most Android devices, including all newer devices, have multiple technologies that are designed to make exploitation more difficult. Android devices also include an application sandbox designed to protect user data and other applications on the device. As part of a regularly scheduled security update, we plan to push further safeguards to Nexus devices starting next week. And, we’ll be releasing it in open source when the details are made public by the researcher at Black Hat.”

 

Hacked_visiual_sheelamohanachandran_Fotolia_large

Click to add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News
@YasmitaC

A blogger with a passion for creative writing and all things related to gadgets and gizmos, sports and fun stuff in the world of movies and music. Loves to stay on top of the latest news and keeps an eye out for unique stuff, the kind that our readers look for and enjoy.

More in News

best-anroid-watches

Our List of Top 5 Android Smartwatches in 2015

Yasmita ChowdhurySeptember 1, 2015
Gatorade-Profile-Dash

Innovation: Instant Push-Button Ordering with the Amazon Dash button

Yasmita ChowdhuryAugust 31, 2015
blackberry-venice-leak-3

Gadget Leaks: The New BlackBerry Venice Android Slider Smartphone

Yasmita ChowdhuryAugust 31, 2015
viveGSC_610

HTC VR Vive Production Delayed till 2016

Yasmita ChowdhuryAugust 28, 2015
Facebook-M-1080x675

Facebook Launched its own Virtual Assistant called M

Yasmita ChowdhuryAugust 27, 2015
3d-robotics-solo-drone_white-front-above-970x646-c

Moviemaking Takes to the Sky with the 3DR Solo Drone

Yasmita ChowdhuryAugust 27, 2015