Verdict :
Possible time of origin : July 28, 2015
Circulation platforms : News and Social Media Channels
Circulation geography : Global
Original Message Version Under Analysis:
Analysis by Merofact Awareness Team:
On July 28, 2015, a vulnerability for Android phones was disclosed, which allows a remote code execution over MMS. This bug named Stagefright exploits SMS/MMS clients by sending a corrupted media file to the user. This MMS when automatically retrieved / downloaded by the default client will start executing itself allowing full control of the infected android phone to the hacker. This bug is being described as one of the "worst Android vulnerabilities discovered to date", which has been discovered by Zimperium Labs vice president of platform research and exploitation Joshua J. Drake.
The attack may work like following: The hacker creates a short video, hides a malware inside it and send it to your number as MMS. As soon as it’s received by the phone, your default SMS/MMS client (with it's default settings) retrieves the infected file, which then executes itself inside your phone. The hacker gains control over your phone,. By control we mean everything including - copy and delete data, take over your microphone and camera to monitor your every word and move and even erase your phone.
To get some protection from this bug ahead of the patch release, disable autoretrieve MMS from your SMS client settings. Although clicking infected MMS will bring the infection i your phone. A patch is mandatory to completely prevent the vulnerability but the above method can buy you some protection. Remember most Android phones and their SMS/MMS clients by default will download and process any infected file received, if settings are not overridden manually.
Google knows about the bug, and has prepared patches. So, if you have a Google Nexus, and you have updated it recently, you might already be safe. Sadly, the same can't be said for other vendors with surety.
Vulnerabilities discovered in the Stagefright media playback engine that is native to Android devices could be the mobile world’s equivalent to Heartbleed. Almost all Android devices contain the security and implementation issues in question; unpatched devices are at risk to straightforward attacks against specific users that put their privacy, data and safety at risk.
The flaws have been in Android since—and including—version 2.2; devices running Android versions older than Jelly Bean (4.2) are at greater risk since they lack exploit mitigations that have been built into newer versions of the OS.Courtesy: Threatpost
Analysis by Merofact Awareness Team:
On July 28, 2015, a vulnerability for Android phones was disclosed, which allows a remote code execution over MMS. This bug named Stagefright exploits SMS/MMS clients by sending a corrupted media file to the user. This MMS when automatically retrieved / downloaded by the default client will start executing itself allowing full control of the infected android phone to the hacker. This bug is being described as one of the "worst Android vulnerabilities discovered to date", which has been discovered by Zimperium Labs vice president of platform research and exploitation Joshua J. Drake.
The attack may work like following: The hacker creates a short video, hides a malware inside it and send it to your number as MMS. As soon as it’s received by the phone, your default SMS/MMS client (with it's default settings) retrieves the infected file, which then executes itself inside your phone. The hacker gains control over your phone,. By control we mean everything including - copy and delete data, take over your microphone and camera to monitor your every word and move and even erase your phone.
To get some protection from this bug ahead of the patch release, disable autoretrieve MMS from your SMS client settings. Although clicking infected MMS will bring the infection i your phone. A patch is mandatory to completely prevent the vulnerability but the above method can buy you some protection. Remember most Android phones and their SMS/MMS clients by default will download and process any infected file received, if settings are not overridden manually.
Google knows about the bug, and has prepared patches. So, if you have a Google Nexus, and you have updated it recently, you might already be safe. Sadly, the same can't be said for other vendors with surety.
No comments:
Post a Comment