Hello Hackers and geeks, In this Article You all are going to assimilate Android Security.
Mobile security applications for Google’s Android platform help protect Android smartphone and tablet mobile devices from malware threats as well as unauthorized access following accidental loss or theft of the device.
Stagefright is the group of software bugs that affect versions 2.2 (“Froyo”) and newer of the Android operating system, allowing an attacker to perform random operations on the victim’s device through isolated code execution and benefit acceleration.
Security researchers demonstrate the bugs with a proof of concept that sends specially crafted MMS message to the victim device and in most cases requires no end-user actions upon message reception to succeed – the user doesn’t have to do anything to ‘accept’ the bug – it happens in the background.
The phone number is the only target information.
The Stagefright vulnerabilities carry serious Security Implications
An attacker could exploit them to remotely control and steal data from a device by sending a victim a multimedia message packaged with an exploit
Stagefright is a complex software library implemented primarily in C++ as part of the Android Open Source Project (AOSP) and used as a backend engine for playing various multimedia formats such as MP4 files.
The discovery of the first Stagefright vulnerability last July is turning out to be just the beginning of many security concerns for Android users.
It is also the name of a software library used by Android to parse videos and other media
It can be exploited by a booby-trapped message or webpage to execute malicious code on susceptible devices.
What is Stagefright Malware hacking?
When a hacker sends an MMS message containing a video that includes malware code the victim doesn’t even have to open the message or watch the video in order to activate it.
The built-in app automatically processes videos and pictures from MMS messages in order to have them ready in the phone’s Gallery app.
Hackers also gain control of the device before the victim knows about the text messages, and even if phone owners find the message right away, there is nothing they can do to prevent the malware from taking over their device.
The hacker would have access to all data and the ability to copy or delete, and would even have access to the microphone and camera, all pictures on the device, as well as Bluetooth.
MEASURES TO PROTECT YOURSELF FROM STAGEFRIGHT
We know that Hackers need only your phone number to deliver the malware.
Malware is delivered via MMS (Multimedia Messaging Service) through the popular chatting apps like Whatsapp, Google Hangouts, Messenger, Messaging or even the default Messages app.
Malware is mechanically carry out on the device; user doesn’t have to do anything!
All phone and tablet seller needs to deliver patches to their users. Unfortunately this could take a lot of time.
Simple step-by-step guide to protect yourself from Stagefright.
- Basically you just need to turn off the MMS auto retrieval in each messaging app you have on your device.
- Ensure that automatic updates are enabled on your Android device to receive the latest patches from your device manufacturer
- Block MMS from unknown correspondent
- Disable automatic MMS retrieval in Messaging setup
- Use a browser that is not vulnerable to Stagefright (for example, Firefox )Enable Two-factor Authentication on everything
Two-factor authentication, also called two-step verification, requires two authentication methods,
like passwords, PIN numbers, fingerprints or physical access to your phone.
This method of securing your accounts works on many services,
and you may already have used it with your online banking platform.
It sometimes also prevents other people from seizing your online identity.
Facebook, Twitter and LinkedIn all have the feature.
Major payment platforms like PayPal and cloud storage services like Dropbox also usually support two-step verification.
It is advisable to enable it on your Google Account as well.
I hope This Article Helped you Securing Your Android Phones.
Check this Exclusive article about SQL & DDOS Here