A new exploit for a Stagefright bug, demonstrated by a security researcher, could allow millions of Android devices to be hacked remotely.
NorthBit, a security firm based in Israel, published its research paper and an accompanying video that provide details about how the company exploited the new Stagefright bug, with a Nexus 5, LG G3, HTC One and Samsung Galaxy S5 as the test platforms for the exploit.
The exploit is alterable, meaning any hacker who wishes to take advantage of the Stagefright bug can do so, and can even escalate the level of damage the exploit carries out. And it's not just bad actors that can make use of the bug: white hat hackers and governments also have access to the research document and can use the bug to their advantage.
The vulnerability could affect more than 3 out of 10 Android smartphones and tablets. One way to address the issue is to upgrade your handset to the latest version of the Android operating system. Luckily for Android 5 users, the exploit does not take effect.
Security researchers at Zimperium first reported on the Stagefright flaw in the middle of 2015. Hackers were then using the bug to execute code on Android devices from a remote server. According to research, the flaw has the capacity to infect 95 percent of the more than one billion Android handsets worldwide.
In late 2015, a new breed of vulnerability emerged. The second Stagefright flaw involved bugs in the handling of .mp3 and .mp4 files that allowed malicious code to be executed remotely on Android devices. Following the discovery of the Stagefright bug, Google vowed to address the issue by rolling out security updates on a regular basis.
Stagefright is a software library that resides within the Android operating system. Flaws in the library make a device vulnerable to memory corruption. One common method hackers use to attack Android devices is an MMS message that triggers malicious code on the handset.
NorthBit claims it has devised an exploit that is able to bypass address space layout randomization (ASLR), a memory protection mechanism. The exploit can work in the wild, so anyone can use it. Breaching ASLR requires details about the device configuration. Once ASLR is breached, a link is dropped onto the device before the exploit works to transmit device data to the hacker.
Fortunately, many hackers still don't have a working Stagefright exploit at present, according to Zimperium. The company also did not publish the second exploit in order to keep Android safe for users.