CATEGORIES
home News

Stagefright Vulnerability Can Compromise Android Devices In 20 Seconds Or Less

by Rob WilliamsSunday, March 20, 2016, 02:15 PM EDT

Thought the Stagefright saga was all behind us? Think again. In a new paper published by Israel's NorthBit, we're shown that Stagefright can still prove to be a serious threat to older devices, with some able to be cracked in as little as 20 seconds. If you're still toting around a Nexus 5, LG G3, HTC One, or Samsung Galaxy S5, you should take note.

Samsung Galaxy S5
Samsung's Galaxy S5, released in 2014, is affected by Metaphor

As a bit of a recap, Stagefright isn't just one bug; rather, it's an overarching vulnerability that includes a number of different bugs that affects Android devices versioned 2.2 and newer. While modern phones that still receive updates would have likely received a patch for Stagefright long ago, it doesn't take long in the mobile world for a phone to hit end-of-life status, so there remain a countless number of affected devices out there. If someone breaks through to your device via Stagefright, they could execute code remotely. What makes it truly dangerous, however, is that they could do so with escalated privileges.

This new Stagefright-derived bug has been dubbed "Metaphor", and can bypass the ASLR (address space layout randomization) protections in memory in Android 2.2 and 4.0, on the devices mentioned above. People can fall victim to the bug by visiting a webpage that has a malicious .MP4 video file on it. Loading that file will cause Android to crash and restart, which will then allow JavaScript hosted on the attacker's server of choice to run. This leads to information being gathered and another malicious video being brought in, which then accomplishes the ultimate goal of granting access to the device.

The folks at NorthBit were kind enough to produce a video showing off the attack, and you might just be surprised by how simple it is. As soon as someone visits a webpage that has an infected .MP4 file, you'll be able to see the phone begin handshaking with what NorthBit calls the "control center". To see the attack carried out so easily is a rather alarming.

An obvious question is raised from all of this: "What can you do to protect myself?" That's a tough one to answer, because it would assume that your device is still supported and able to receive updates (at which point it should have received the update already). It's ultimately up to carriers to push through these security updates, so you'd do well to give your carrier a call or shoot them an email and request information about receiving patches. If you're fine with getting your hands dirty, you could also replace the entire ROM on your device with a custom one that's patched, though that's obviously more than a reach for may mainstream users. Otherwise, if you're using one of the affected devices, we'd encourage you to exercise great caution when clicking on a link you are given, or happen to stumble on.

Tags:  Android, Malware, smartphone, Google, security, (nasdaq:goog), stagefright
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment