Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 5 MINUTES AGO.
You are here: Home / Data Security / Android Exploit Released in the Wild
Google Android Stagefright Exploit Released in the Wild
Google Android Stagefright Exploit Released in the Wild
By Jef Cozza / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
11
2015
An exploit that lets hackers execute code remotely on Android devices using only the victims' phone numbers has been released in the wild so that security teams, administrators, and penetration testers can test whether or not systems remain vulnerable. Zimperium Mobile Security, a digital security company focusing on mobile enterprise devices, released the Python script it developed to exploit the vulnerability in mobile phones.

Known as Stagefright, the vulnerability, which Zimperium first discovered in April, allows attackers to gain control of an Android device via a specially crafted media file delivered via MMS. By gaining remote code execution privileges, an attacker can delete the original MMS used to gain control of the device, leaving the victim completely unaware of the hack.

Massive Interest from Developers

Zimperium had already released much of its research into the vulnerability. After initially reporting the problem to Google in April and May, the company announced in July that it would be publishing the exploit it had developed at the Black Hat USA convention in August. Slides from a presentation given by Joshua Drake, Zimperium’s VP of platform research and exploitation, have already been released by the company on YouTube.

The company has also released its own Stagefright Detector app for Android, which can be used to determine if a device is vulnerable to an exploit using the libstagefright library. The company said it is also working with Google to integrate the app’s analytical logic into Android’s Compatibility Test Suite, which would ensure that the vulnerability would be fixed in all future Android devices before they shipped.

News of the Stagefright vulnerability generated a massive response from the developer community. “We expected other researchers to explore the vulnerabilities we disclosed and discover additional vulnerabilities in the Stagefright library over time,” the company said in a blog post. “That said, we did not expect the incredible level of response from the community. We applaud the efforts of myriad researchers that flocked to audit the Android code base and collectively discovered and reported numerous additional issues.”

Other Issues with Stagefright Library Remain

Google was also quick to respond, distributing new versions of Hangouts and Messenger to block automatic processing of multimedia files arriving via MMS. The upgrades do successfully prevent the unassisted remote exploitation vulnerability they had identified, according to Zimperium.

However, the company noted that the MMS attack vector was only the worst of more than 10 different ways the Android system could be attacked. Other vectors, such as browsers and instant messages, also process potentially malicious media using the Stagefright library. “With these other vectors still present, the importance of fixing issues within the code base remains very high,” Zimperium said.

Despite the potential severity, there are silver linings. The exploit is not generic, and has only been tested on a single Nexus device running Android 4.0.4. The vulnerability has been addressed in Android 5.0 and later. Nevertheless, Zimperium said that other researchers have been able to develop other exploits that take advantage of libstagefright against Android 5.0 running on an emulator.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN DATA SECURITY
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.