All You Need To Hack An Android Is A Simple Text Message

An IT security research firm has announced a discovery that should make worried most of the Android users. According to Zimperium Zlabs, this is the worst security flaw in the Android mobile operating system's history, a vulnerability that exposes 95 percent of Android users. This makes around 950 million Android tablets and smartphones worldwide vulnerable to attacks from Stagefright, as the bug was codenamed by security experts.

According to the vice president of platform research and exploitation at Zimperium ZLabs, Joshua J. Drake, all the hackers need in order to be able to can gain access to the victim's device without the user even knowing is the phone number. As Drake pointed out, the scariest part is that an attack from the Stagefright bug does not require any action by the victim. This means that the security flaw can be exploited even while the device owner is asleep, by using remote techniques.

According to the same security experts from Zimperium ZLabs, the Stagefright bug is different from spear-phishing attacks. In case of a spear-phishing attack the user is cheated to click on a link or to open an email attachment for the attack to be successful. But an attack with the Stagefright bug requires only sending a media file via MMS. The user doesn't need to open the file in order for the attack to succeed.

When a device is hacked through the Stagefright bug, the hacker can gain access to most of the smartphone's applications. This allows the hacker to perform many malicious tasks, including stealing the victim's data or spying on the victim. As Drake explained, among the applications a hacker gains access once an attack is complete are included the audio and camera.

You can just imagine what a person with bad intentions could do by using your phone's camera and audio without your knowledge. Important business meetings, having an affair, working on a secret project for your company... There are so many things that come to mind.

According to Zimperium ZLabs experts, more sophisticated attackers could also create "elevated privileges" and gain complete access to your entire phone's data. What is even worse, at present there is no fix for the bug. However, according to Mr Drake, a security team from Google is currently working to rectify the issue. Zimperium ZLabs alerted Google upon discovering the Stagefright security flaw and provided some patches to fix the vulnerability.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics