275 million Android devices vulnerable to new Stagefright threat that can hack a phone in 15 seconds
BYDAN GOOD
NEW YORK DAILY NEWS
Monday, March 21, 2016, 9:54 AM
Hundreds of millions of Android devices are vulnerable to a new exploit of Stagefright, the bug previously called the "worst ever discovered," according to a report published this month.
An Israeli-based security firm, NorthBit, claims it has "properly" exploited the Stagefright bug. Video released by NorthBit shows the firm remotely hacking a phone in about 15 seconds.
The bug could allow hackers access to a user's data and functions if the user visits a malicious website.
5 MOBILE SECURITY FLAWS YOU SHOULD KNOW
The exploit, called Metaphor, was tested on a Nexus 5, LG G3, HTC One and Samsung Galaxy S5,according to Wired.
ZLATAN MOJSILOVIC
Millions of Android devices are vulnerable to a new exploit of Stagefright, according to a new report.
Android phones and tablets that lack the latest updates — Android versions 2.2 through 4.0, as well as 5 or 5.1 — could be vulnerable. Roughly 275 million phones areestimatedto run on those versions.
"The reason to keep researching this library is because it has proven to be very vulnerable in the past (multiple bugs and bad code), affects numerous devices and has many good potential attack vectors: mms (stealthy), instant messaging (automatic), web browser (minimaltono user interaction) and more," Hanan Be'er, a security researcher for NorthBit,wrote in the report.
Stagefright was first identified by the security firm Zimperium in July 2015, involving code that taps into the device's audio and camera.
Stagefright 2.0 was identified in October, focusing on exploits in .mp3 and .mp4 files.
dgood@nydailynews.com
BYDAN GOOD
NEW YORK DAILY NEWS
Monday, March 21, 2016, 9:54 AM
- A
- A
- A
- 13
- Tweet
Hundreds of millions of Android devices are vulnerable to a new exploit of Stagefright, the bug previously called the "worst ever discovered," according to a report published this month.
An Israeli-based security firm, NorthBit, claims it has "properly" exploited the Stagefright bug. Video released by NorthBit shows the firm remotely hacking a phone in about 15 seconds.
The bug could allow hackers access to a user's data and functions if the user visits a malicious website.
5 MOBILE SECURITY FLAWS YOU SHOULD KNOW
The exploit, called Metaphor, was tested on a Nexus 5, LG G3, HTC One and Samsung Galaxy S5,according to Wired.
Millions of Android devices are vulnerable to a new exploit of Stagefright, according to a new report.
Android phones and tablets that lack the latest updates — Android versions 2.2 through 4.0, as well as 5 or 5.1 — could be vulnerable. Roughly 275 million phones areestimatedto run on those versions.
"The reason to keep researching this library is because it has proven to be very vulnerable in the past (multiple bugs and bad code), affects numerous devices and has many good potential attack vectors: mms (stealthy), instant messaging (automatic), web browser (minimaltono user interaction) and more," Hanan Be'er, a security researcher for NorthBit,wrote in the report.
Stagefright was first identified by the security firm Zimperium in July 2015, involving code that taps into the device's audio and camera.
Stagefright 2.0 was identified in October, focusing on exploits in .mp3 and .mp4 files.
dgood@nydailynews.com