StageFright detected by Joshua Drake
Android phones can be hacked by sending Blank (SMS) or MP4 (MMS) files to android phones, a security researcher recently found a bug in 2015, with the help of which hacked.
To get control of someone’s phone it is necessary to know the victim’s phone number, which was developed by Joshua Drake, who was vice president of Platform Research and used to exploit the mobile security firm Zimperium.
Drake received several vulnerabilities in a major Android decomposing called StageFrite which was used to process, play and record multimedia files. Some of the flaws allow remote code execution, which can be triggered when receiving SMS and MMS (Mp4) messages, downloading a specially designed video file through any browser or embedded multimedia content It may also be possible to open a web page with.
There are many potential attack vectors because whenever the Android OS receives media content from any source, it shows it through any framework,
Because the hacker will not need anything other than the customer’s phone number. “The attackers only need your mobile number, which are specially designed to be distributed through Blank (SMS) or MP4 (MMS) files). The media file can be used to execute the code remotely. ” This virus is so efficient that the user will remove the message without notification, but the user will still receive an empty notification (Blank SMS).
Android is suffering from these defects due to a code called “StageFrite” android device. The aim of this particular code is to load the video before clicking on the play button to avoid the waiting time before the video snippet starts playing. Hackers can hide their malicious codes with the help of StageFriit and download it without the user’s information, can be inserted.
The use of the file store is not only used for media playback, but also to make thumbnails automatically or to remove metadata with video and audio files such as length, height, width, frame rate, channel and other similar information.
“These vulnerabilities are extremely dangerous because they do not have the permission to allow them to take control of their phones,”. “Unlike Spear-phishing, where the victim sent a PDF file or link sent by the attacker, Blank SMS or MMS (MP3) to open the Victim, no matter the difference, it can be triggered only in a short time, and some Before understanding, the attacker will remove any sign of the device being tampered with and the victim did not know that the Trojan has started his work in his phone and his The control of the phone is in someone else’s hands. “
Researchers did not detect vulnerabilities only, created patches for it to actually create necessary patches and initially shared with Google. The company took issues very seriously and implemented patches on their internal Android code basis within 48 hours,
Google now shares that code with the device manufacturers in advance, which is in the Android Partnership Program, before it was released publicly as part of the Android Open Source Project (AOP).
Unfortunately, even after Android updates, more than 95% of Android devices are still affected, this vulnerability is affected, this means 95% of phones are still unsafe.
These vulnerabilities now affect devices running ( Android 2.2 to Android 2.5 or higher). Which means that there are a large number of devices that probably will never get patches for them.
According to the company, “Most Android devices, including all new devices, have many technologies which are more difficult.” “Android devices also include user data and apps designed to keep other apps safe on the sandbox.”
What can the attackers do after taking advantage of vulnerabilities? They can execute their malicious code with the privileges of the StageFrite Framework, which is affected on some devices. Generally, the attackers will have access to a microphone, camera and external storage division, but access to installed applications or their internal data can be accessed.
Drake has praised the security firm Silent Circle in Geneva, Switzerland, which makes a Blackphone handset for quick response to users because it released Previtos version 1.1.7. She also praises Mozilla’s creator, Firefox web browser, with fixes since version 38. “We appreciate these vendors to give priority to security and speed up patches for these issues.”
All the information given above is available in the open public domain. This information is only to make people aware about the information and information is given in terms of education. There is no doubt about this kind of information given by any kind, if someone does wrong work through this given information, then he himself is responsible.