If you own an Android either smartphone or tablet with operating system below 5.1 i.e Android Lollypop then your vital information’s such as credit card credentials are under threat. Yes, the worst bug in the history of Android has already infected more than 1 billion Android gadgets, was first discovered last summer and was called the "mother of all Android vulnerabilities" by the security firm Zimperium that discovered it. In today’s article, we will let you know.
- What is StageFright?
- How an Android gets infected?
- What are the vulnerabilities of stageFright Malware?
- How can you protect yourself from StageFright?
- How to know whether you are infected with Stagefright bug?
What is StageFright?
"Stagefright" is the nickname given to a very vital library that lives fairly deep inside the Android operating system. libStageFright is responsible for processing video files and making it ready to be viewable to the user.
How an Android gets infected?
The stagefright threat usually enters into an Android through a video sent via MMS. Once a malicious message is downloaded, it 'resets a phone and forces it to send a unique video file back to the hacker, using this data, a hacker can take control of a device to gain access to personal information, as well as being able to copy data and use the microphone and camera.
What are the vulnerabilities of StageFright Malware?
- Stagefright is a critical Android vulnerability. It allows hackers to get 'media' or 'system' privileges on your device after processing an incoming MMS message.
- Using these privileges, an attacker can use the audio and camera of the device to perform the investigation on their victim by listening in on conversations, and enabling video recording.
- On some devices, the affected software runs with “system” privileges. On these devices, the attacker has significantly elevated privileges. On these devices, the attacker has almost full control of the device already.
- Apart from these elevated privileges, remote code execution allows sophisticated attackers to execute “privilege escalation” attacks, which allow the attacker to change “roles” on the device.
- Access to read the victim’s emails, facebook, WhatsApp messages and contacts, access data from other applications or use the device as a pivot into the customer’s network and cloud applications.
How can you protect yourself from StageFright?
Update your device: Keep your device updated to the latest version at all times. If an update is not available for your device, manually install an OS like CyanogenMod that supports older devices for a longer period of time.
Disable Auto-fetching of MMS: You will need to disable this for both Hangout and regular messaging apps. Here’s how:
Also read: Technology that may disappear by 2020.
HANGOUT: Disable auto fetching of MMS
- Open Hangout
- Tap Options on the top left corner
- Tap Settings -> SMS In General, If you have Hangout SMS Enabled then in the Advanced uncheck Auto Retrieve MMS
MESSAGES: Disable auto fetching of MMS
- Open Messages
- Tap More -> Settings -> More Settings
- Tap Multimedia Messages -> Turn OFF Auto Retrieve.
How to know if your phone is infected with the Stagefright bug?
Zimperium zLabs have created a Detector app to validate that you are running a version that is not vulnerable to the discovered Stagefright vulnerabilities. Which can be downloaded from the google play store click here.
In order to test if your device is vulnerable, we built the ‘Stagefright Detector’ app.
This app will tell you three major things:
- whether your device is vulnerable
- which CVEs your device is vulnerable to
- whether you need to update your mobile operating system
Those who have updated to Android 6.0 Marshmallow or other operating systems that are patched against the Stagefright flaw are fine. Unfortunately, many people are still running older versions without the necessary defenses against this bug. Those with older Android phones are the most at risk.Information Source: Zimperium blog