Skip to main content

Researchers find vulnerability that affects 95% of Android devices

Lollipop Forest Google Android
Image Credit: Google
Update: This article has been updated with a comment from Google. 
Researchers have found a vulnerability in Android devices that allows hackers to access a device remotely without the owner ever knowing it was compromised. The flaw affects roughly 95 percent of Android devices running operating system version 2.2 to 5.1, according to cybersecurity firm Zimperium.
At fault is a media library (used to process media files) called Stagefright.Zimperium says it found multiple vulnerabilities in the framework. The company plans to present its research at the Black Hat 2015 security conference and at the hacking conference Def Con in August.
Using a person’s telephone number, hackers can send a media file via MMS that gives them entry into a device. What’s more, the owner of the device may never know. Hackers could conceivably send the trojan file while the device’s owner is sleeping, get access to their phone, and then delete any evidence the phone was hacked. Once the exploit is completed, a hacker can remotely operate a phone’s microphone, steal files, read emails, and get personal credentials.
“These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited. Unlike spear-phishing, where the victim needs to open a PDF file or a link sent by the attacker, this vulnerability can be triggered while you sleep. Before you wake up, the attacker will remove any signs of the device being compromised and you will continue your day as usual – with a trojaned phone,” says Zimperium chief technology officer Zuk Avraham.
Though Google has applied patches to Android Open Source Project, Zimperium says device owners should be proactive in updating their phones. Android owners can reach out to their telecom providers and device manufacturers to ensure their phones get the update.
Those with Silent Circle’s Blackphone running PrivatOS version 1.1.7 are already protected against the Stagefright vulnerability.
In a statement shared with VentureBeat, Google thanked the lead researcher who found the Stagefright vulnerability, Joshua Drake, and noted that most Android devices have technology in place to deter exploitation. You can read the full comment below.

Comments

Popular posts from this blog

How to Run Older Applications in Windows 10

You cannot expect all the vendors to upgrade their programs to make them compatible with Windows and neither would you want to purchase all the applications every time a new version of Windows is out. Nonetheless, the fact still remains the same that not all applications are compatible with the latest operating systems and there are times when many applications do not initialize when you upgrade your PC to a newer version of Windows. To make things easy for you, Windows 10 allows you to run the programs in compatibility mode. Running a program in compatibility mode makes the application think that it is installed on an older, compatible version of Windows, thus the software runs without any flaws. There are two ways you can run a program in compatibility mode: Program Compatibility Troubleshooter – This is a step-by-step wizard that allows you to pick a program that you prefer to use and configures it to run in compatibility mode. Compatibility Tab – This tab can...

5 Best Free Antivirus for Android Phones and Tablets

Android mobiles are trending today. World is running behind android and its versions. I am sure you also having one high end android mobile with you.  So, here in this article I’ve listed the best 5 antivirus for Android phones and tablets. 1-  AVG Antivirus App For Android When you download AVG Anti-virus and install it on your mobile or tablet then it shows screen alert. By touching the screen you can perform the scan. It is a free anti virus software, which helps you to protect your mobiles from virus, malware and spyware It provides some other features like ANTI THEFT, SMS SCANNER, TASK KILLER etc. It protects your mobile when you use internet Download AVG anti-virus from ANDROID MARKET. 2-  Look Out Mobile  Antivirus Look out anti virus for mobile is one of the best android anti virus software. It keeps your tablets and phones safe and secure You can run the app any time and scan for virus It protects your mobile when you use interne...

Three Reasons Why You Need Better Personal Cyber security

From the infamous Sony hack to the recent WannaCry virtual catastrophe that affected over 300,000 computers, the need for reliable personal cyber security has never been more apparent. Rubica's skilled team of experts want to remind every one of the importance of cyber security and the three reasons why it is becoming a more pressing issue every day. With top-notch personal cyber security, most attacks are preventable. 1. Larger Number Of Attacks Americans have heard of the most notable attacks on major corporations or government entities over the past several years. However, most people who are not in the information security field do not learn just how much the attack frequency is growing. The number of cyber attacks carried out worldwide in 2015 was quadruple a number of attacks recorded in 2013. Although the cost associated with the number of annual recorded attacks is in the $500 billion range right now, experts say that it will grow well into the trillions by ...

Here Are The First Connected Home Devices For Apple’s HomeKit

Apple’s HomeKit is finally starting to roll out to actual consumers, via the first crop of HomeKit-enabled accessories from third-party manufacturers. This means you’ll soon be able to get your hands on a range of products for the connected home that work with Siri on your iOS device, and that you’ll be able to do so as soon as today, since some of the new HomeKit accessories start shipping now. The accessories in question range from sensors, to lights, to thermostats, to smart outlets, and come from a group of accessory-makers with a trusted reputation in the connected home industry. HomeKit may have taken a while to arrive, but it’s doing so in grand fashion, with a practical lineup to get your home connected to your iOS ecosystem in an essential way. Elgato Eve The  Elgato Eve  is a set of connected wireless sensors that monitor key factors like indoor air quality, temperature, humidity as well as conditions outside, like temperature, humidity and air pre...

Google Capital invests in Girnar Software, owner of Indian auto portal CarDekho.com

Girnar Software , which runs several auto portals in India including  CarDekho.com , has raised an undisclosed amount of new funding from Google Capital, with participation from returning investor Hillhouse Capital. This is the fourth Indian startup Google Capital has invested in (its portfolio also includes  Freshdesk ,  Commonfloor , and  Practo ). Before this round, Girnar Software had already raised at least $80 million. In addition to CarDekho.com, Girnar Software runs car classifieds sites  Gaadi.com  and  Zigwheels.com , former competitors which it  acquired in 2014  and  2015 , respectively, and motorbike marketplace  BikeDekho.com . Girnar Software expanded its auto portal business internationally last March with the launch of  CarBay.com , which operates in 25 countries in Asia, Africa, the Middle East, Europe, North America, and South America. The company plans to continue growing overseas with its la...