Cybersecurity firm warns of Android security flaw

Next Story

Around 47 million Americans do not use the internet, study says

Cybersecurity company Zimperium warned of a flaw in Android, the world’s most popular smartphone operating system, that allows hackers to gain control via a simple text message.

“Attackers need only your mobile number, using which they can remotely execute code via a specially crafted media file delivered via MMS (text message),” said Zimperium Mobile Security in a blog post.

It noted that a fully-weaponised successful attack could actually delete the message before the recipient even sees it.

At the heart of this flaw is Android code known as Stagefright, said Zimperium. The code automatically pre-loads video snippets that are attached to text messages in order to spare recipients the time of waiting to view the clips.

Research by Zimperium’s Joshua Drake revealed that hackers can conceal malicious code in video files, which will be unleashed even if the message is never opened or read.

“The targets for this kind of attack can be anyone,” said the cyber-security firm.

“These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited.”

As such, Stagefright imperils around 950 million, or 95 per cent, of Android phones.

The cybersecurity firm said it reported the flaw to Google and provided the tech firm with patches to prevent breaches.

While Google has applied the patches to its internal code branches, Zimperium said it is only the start of “a very lengthy process of update employment.”

Fortunately, hackers do not appear to have taken advantage of the flaw.


New GY-NEO6MV2 GPS Module EEPROM MWC Flight Control For Arduino Raspberry picture
New GY-NEO6MV2 GPS Module EEPROM MWC Flight Control For Arduino Raspberry
Arrowhead P-4000 EEPROM Programmer AV6000 AV8000 AV9000 AV6500 DD1E DD3E picture
Arrowhead P-4000 EEPROM Programmer AV6000 AV8000 AV9000 AV6500 DD1E DD3E
2x SST SST29LE010-150-4C-NH , IC 1Mb , 128KX8 EEPROM 3V, 150ns , PQCC-32 picture
2x SST SST29LE010-150-4C-NH , IC 1Mb , 128KX8 EEPROM 3V, 150ns , PQCC-32
Allen Bradley, SLC 500, 64K Flash EEPROM Memory, 1747-M12, Very Good Condition picture
Allen Bradley, SLC 500, 64K Flash EEPROM Memory, 1747-M12, Very Good Condition
WINBOND W27C512P W27C512 27C512 512Kbit EEPROM PLCC32  10pcs picture
WINBOND W27C512P W27C512 27C512 512Kbit EEPROM PLCC32 10pcs