Own an Android smartphone? Beware, as just an innocuous-looking image on social media or messaging app could compromise your smartphone.
Along with the dangerous Quadrooter vulnerabilities that affected 900 Million devices and other previously disclosed issues, Google has patched a previously-unknown critical bug that could let attackers deliver their hack hidden inside an innocent looking
You are going to want to think twice before clicking on that LOLCat. A new proof of concept security vulnerability, dubbed Metaphor, could affect hundreds of millions of Android users.
NorthBit, an Israeli based software research company, has created an exploit in the same software library that the Stagefright vulnerability took advantage of. You may remember that last July 950 million Android devices were put at risk by Stagefright, in which it used an MMS (multimedia messaging service) software weakness that put Android customers at the mercy of hackers who could take complete control of their phone.
Metaphor, was demonstrated by NorthBit by sending an email message with a link to cat photos. The victim clicks the link to view the adorable and hilarious cat photos but unknowingly, in the background the malware is delivered. This exploit is a hole that allows a hacker to gain access. This access could be used to deliver malware that could potentially take control of key operations of your phone. In this particular example, the exploit is not instant – the user does need to engage with the content on this page for the exploit to be successful.
NorthBit’s research paper detailing the findings is not malicious, it’s for demonstrative purposes only. However, there is enough information provided that a professional hacker could use it to create their own fully working exploit and as you see in the video, to take control of some of the operations of your phone.
Since the original vulnerability was disclosed last year, Google released a number of patches that resolved Stagefright; but as we can see with this new disclosure, the media software still offers hackers a route to exploit devices.
The Metaphor exploit affects devices that are using Android Operating Systems: 5.1, 5.0, 4.0, down to 2.2 with some devices more vulnerable than others.
If you have an Android phone, what should you keep in mind?
And remember, the content could be targeted to something that you might be interested in, for me this would be motorbikes.
Follow AVG on Twitter @AVGFree
Follow me on Twitter @TonyatAVG
Attention Android users!
Millions of Android devices are vulnerable to hackers and intelligence agencies once again – Thanks to a newly disclosed Android Stagefright Exploit.
Yes, Android Stagefright vulnerability is Back…
…and this time, the Stagefright exploit allows an attacker to hack Android smartphones in 10 seconds just by tricking users into visiting a hacker’s web page
Android mediaserver malware resembles Stagefright
Android owners may recall the Stagefright bug, the “worst ever Android vulnerability yet discovered”. That malware exposed a billion (that’s nearly every) Android device on the face of the earth to malware.
The latest critical bug has similarities to Stagefright, but exists in Android’s mediaserver. Google warns that an attacker could use the bug to remotely run malware hidden in video or audio.
In an announcement published in the Nexus Security Bulletin for January, Google said it has fixed 12 vulnerabilities affecting Android versions 4.4.4 to 6.0.1. Five are rated as critical security bugs. Partners were notified about and provided updates for the issues on December 7, 2015 or earlier, said the post.
“The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.”
The good news is that Google says, “We have had no reports of active customer exploitation of these newly reported issues.” Because of enhancements in newer versions of the Android platform, exploitation for many issues on Android is made more difficult. Regardless, Google encourages all users to update to the latest version of Android where possible.
Follow Avast on Facebook, Twitter, YouTube e Google+ where we keep you updated on cybersecurity news every day.
With 2015 more or less in the rear view mirror Mike Mimoso and Chris Brook discuss the year in security: Wassenaar, ransomware, mobile threats like Stagefright, Carbanak and Equation Group, and more.
In this feature we explore why mobile security is of the utmost importance for individuals and organizations. If smartphones and tablets not adequately protected, they are extremely vulnerable to being exploited.
The post Why mobile security is more important than ever before appeared first on We Live Security.
Exploit code for the Android Stagefright vulnerability was made public, and researcher Joshua Drake hopes organizations will test Android systems and devices against the code.
Certifi-gate and Stagefright are two recent threats that have put many Android devices at risk. Photo via Ars Technica.
When it comes to security, it seems that Android has seen better days. A slew of vulnerabilities and threats have been cropping up recently, putting multitudes of Android users at risk. Certifi-gate and Stagefright are two threats that, when left unprotected against, could spark major data breaches.
Certifi-gate leaches permissions from other apps to gain remote control access
Certifi-gate is a Trojan that affects Android’s operating system in a scary way. Android devices with Jelly Bean 4.3 or higher are affected by this vulnerability, making about 50% of all Android users vulnerable to attacks or to their personal information being compromised.
What’s frightening about this nasty bug is how easily it can execute an attack – Certifi-gate only requires Internet access in order to gain remote control access of your devices. The attack takes place in three steps:
The good news here is that Avast Mobile Security blocks the installation packages that make it possible for Certifi-gate to exploit the permissions of your other apps. Breaking this down further, Avast Mobile Security would block the package before the action in Step 2 is carried out, making it impossible for a remotely-controlled server to take control of an insecure app that contains a vulnerable remote access backdoor.
Google’s Stagefright patch can be bypassed
We’ve already told you about the Stagefright bug, which has exposed nearly 1 billion Android devices to malware. Whereas Certifi-gate uses Internet access to control your device, Stagefright merely needs a phone number in order to infect users.
Due to the scope and severity of this threat, Google quickly put out a security patch that was intended to resolve the Stagefright issue once and for all. Unfortunately, it hasn’t been fully successful — it’s possible for the patch to be bypassed, which leaves Android users with a false sense of security and a vulnerable device.
As Avast security researcher Filip Chytry explains in his original post examining Stagefright, Avast encourages users to disable the “auto retrieve MMS” feature within their default messaging app’s settings as a precautionary measure. You can read our full set of instructions for staying safe against Stagefright in the post.
Follow Avast on Facebook, Twitter, YouTube, and Google+ where we keep you updated on cybersecurity news every day.
Security Researcher Joshua Drake has published about a vulnerability in the heart of Android that could allow attackers to steal information from Android devices through remotely execute code via a crafted MMS. Potentially 95% of Android devices should be vulnerable. Have you checked yours?
The post Are you still vulnerable to Stagefright? Get your Android device checked appeared first on We Live Security.
The Android security team at Google is having a busy month. First the Stagefright vulnerabilities surfaced last month just before Black Hat and now researchers at MWR Labs have released information on an unpatched vulnerability that allows an attacker to bypass the Android sandbox. The vulnerability lies in the way that the Google Admin application […]
