Cybersecurity firm warns of Android security flaw

Next Story

Around 47 million Americans do not use the internet, study says

Cybersecurity company Zimperium warned of a flaw in Android, the world’s most popular smartphone operating system, that allows hackers to gain control via a simple text message.

“Attackers need only your mobile number, using which they can remotely execute code via a specially crafted media file delivered via MMS (text message),” said Zimperium Mobile Security in a blog post.

It noted that a fully-weaponised successful attack could actually delete the message before the recipient even sees it.

At the heart of this flaw is Android code known as Stagefright, said Zimperium. The code automatically pre-loads video snippets that are attached to text messages in order to spare recipients the time of waiting to view the clips.

Research by Zimperium’s Joshua Drake revealed that hackers can conceal malicious code in video files, which will be unleashed even if the message is never opened or read.

“The targets for this kind of attack can be anyone,” said the cyber-security firm.

“These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited.”

As such, Stagefright imperils around 950 million, or 95 per cent, of Android phones.

The cybersecurity firm said it reported the flaw to Google and provided the tech firm with patches to prevent breaches.

While Google has applied the patches to its internal code branches, Zimperium said it is only the start of “a very lengthy process of update employment.”

Fortunately, hackers do not appear to have taken advantage of the flaw.


GENERAL ELECTRIC 50-472320MNDD2 TRANSDUCER *NEW NO BOX* picture
GENERAL ELECTRIC 50-472320MNDD2 TRANSDUCER *NEW NO BOX*
Air-VAC AV116H AV Vacuum Transducer Pump picture
Air-VAC AV116H AV Vacuum Transducer Pump
EXELTRONIC TRANSDUCER MODEL #  6330-180 PH ANGLE picture
EXELTRONIC TRANSDUCER MODEL # 6330-180 PH ANGLE
DYNAPAR 80H150 ROTARY TRANSDUCER *USED* picture
DYNAPAR 80H150 ROTARY TRANSDUCER *USED*
Celesco Potentiometric Cable-Extension Transducer PT5A-80-N34-FR-10K-M6 pt5a picture
Celesco Potentiometric Cable-Extension Transducer PT5A-80-N34-FR-10K-M6 pt5a