• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Cookie Policy (US)
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

New Stagefright bug could hit millions of Android devices

Updated on Mar 21, 2016 by Guest Authors

A new Stagefright bug exploited by a security researcher stands to potentially hack millions of Android devices remotely.

NorthBit, a security firm based in Israel, published its research paper and an accompanying video that provide details about how the company exploited the new Stagefright bug, with a Nexus 5, LG G3, HTC One and Samsung Galaxy S5 as the test platforms for the exploit.

The exploit is alterable, meaning any hacker who wishes to take advantage of the Stagefright bug can do so, and even escalate the level of damage the exploit can carry out. And it’s not just the bad actors that can make use of the bug, the white hat hackers and governments can also have access to the research document and drive the bug to their advantage.

stagefright

The vulnerability could affect more than 3 out of 10 Android smartphones and tablets. One way to address the issue is to upgrade your handset to the latest version of the Android operating system. Luckily for Android 5 users, the exploit does not take effect.

Security researchers at Zimperium first reported on the Stagefright flaw in the middle of 2015. Hackers were then using the bug to execute code on Android devices from a remote server. It is said, according to research, that the flaw has the capacity to infect 95 percent of the more than one billion Android handsets worldwide.

In late 2015, a new breed of vulnerability emerged. The second Stagefright flaw affected bugs in .mp3 and .mp4 files by remotely executing malicious code in Android devices. Following the discovery of the Stagefright bug, Google vowed to address the issue by rolling out security updates on a regular basis.

Basically, Stagefright is a software library that resides within the Android operating system. The presence of Stagefright in Android makes a device vulnerable to memory corruption. One usual method employed by hackers to attack Android devices is through an MMS message to enable a malicious code inside an Android handset.

NorthBit claims it has devised an exploit that is able to bypass the address space layout randomization, a kind of memory protection process. The exploit can work in the wild, so anyone can use it. In order to breach the ASLR, one needs the details about the device configuration. Once the ASLR is breached, a link is dropped onto the device before the exploit works to transmit device data to the hacker.

Fortunately, many hackers still don’t have working Stagefright exploit at present, according to Zimperium. The company also did not publish the second exploit in order to keep Android safe for users.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Footer

VTOMAN FlashSpeed 1500 Portable Power Station Review

OpenRock S Review – Revolutionizing the World of Earbuds

KEF LS50 Bookshelf Speakers Review: A Sound Decision Over the LS50 Meta

ALLPOWERS SP033 200W Portable Solar Panel Review – Eco-Friendly Energy on the Go

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • VTOMAN FlashSpeed 1500 Portable Power Station Review
  • OpenRock S Review – Revolutionizing the World of Earbuds
  • AiDot OREiN & Linkind Matter Smart Light Bulb Review
  • OKP L1 Robot Vacuum Cleaner Review – Affordable Robot with LiDAR Navigation

Copyright © 2023 · All Rights Reserved

Manage Cookie Consent
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional cookies Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
View preferences
{title} {title} {title}