Hack on Android with StageFright Vulnerability

StageFright can use videos sent via MMS as the source of the attack, through libStageFright, the mechanism Android uses to process video.

Several text messaging applications, including Hangouts, automatically process videos so that the infected video is ready for users to watch as soon as they open the message.

For this reason, the attack could take place without users realizing it.

How to use StageFright to hack an Android device

StageFright is written in native code (i.e., C++) rather than in a memory-safe language such as Java, because multimedia processing is time-sensitive.

This in itself can lead to memory corruption. The researchers therefore analyzed the deeper corners of this code and discovered several remote code execution vulnerabilities that attackers can exploit with various hacking techniques, including methods that do not even require the user's mobile number.

Below we will look at three popular techniques for StageFright hacking.

1. Sending Exploit as an Android application

In the first method, the attacker must know the user's mobile number to activate StageFright via MMS. Anyone who wants to attack a large number of Android phones this way must first collect a large number of phone numbers and then spend money on sending text messages to potential victims.

Alternatively, an attacker can embed the exploit in an Android app and serve up an infected MP4 file to trigger the StageFright exploit. The video below shows this:

https://www.youtube.com/watch?v=_gTuuMGQSHU&feature=emb_title

The researchers show Simple Media Player playing a malformed MP4 file.

 

2. Embed Exploit in an HTML web page

The attacker simply embeds the infected MP4 file into an HTML webpage and publishes the webpage on the Internet.

Once a visitor opens the page from their Android device, they download the malicious file. The attacker then streams a customized video file to the victim's device, exploiting the StageFright vulnerability to reveal more details about the device's internal state.

Using the details the exploit sends to the hacker's server, the hacker can control the victim's smartphone.

https://www.youtube.com/watch?v=Cnhctcd860I

 

3. Exploitation using multimedia message (MMS)

With this method, the attacker simply needs your phone number. They then send you an MMS with an infected MP4 file. While the file is downloading, the attacker remotely executes malicious code on your Android device, which could lead to a breach of your personal information or data loss.

How can I protect my Android device from StageFright attacks?

Google has fixed this bug in the latest version of Android. However, a large number of Android users run an older version, so it is up to their device manufacturers to protect their devices from StageFright.

As it sometimes takes manufacturers a long time to update the code, here is a list of actions that users can take to reduce their exposure to StageFright vulnerabilities.

  1. Disable MMS auto-retrieve: Users can find this option in their messaging app. When it is disabled, MP4s will not be downloaded automatically and will require the user to tap to download and play.
  2. Install applications from the official Play Store: Instead of downloading apps through third-party websites, you should look for their official versions in the Play Store. It is also a good idea to read user reviews of the applications before installing them.
  3. Be careful when visiting websites: Do not click or open suspicious links on the Internet. Click-bait titles may entice you to download attachments, but it is always wise to think before you open a website or take any action.

 

 

 

iGuRu.gr The Best Technology Site in Greece


Written by Anastasis Vasileiadis
