On July 27th, Android phone users were warned of a newly-discovered vulnerability affecting the media playback tool built into their phones’ operating systems. If manipulated, this tool, called Stagefright, would allow hackers to control phones remotely and steal data, potentially without ever being noticed.
Hackers could gain access by sending a video text message packaged with malicious software. Once the message is received—regardless of it being opened by the recipient—the virus is activated as Stagefright automatically scans the message. The malware now has control over the phone, and hackers can access any personal information on the SD card and in the memory. Additionally, the phones can be turned into bugs when hackers remotely record audio and video undetected by the user.
Fortunately, Google was made aware of this flaw back in April when it was discovered by Zimperium zLabs mobile security researcher Joshua Drake, who also provided patches to fix the issue. Within 48 hours, Google implemented those patches and another set in May. Unfortunately, because Google relies on its partnering phone-makers to push out software updates, manufactures and service providers are in charge of disseminating those patches to customers. Only CyanogenMod, Mozilla, and Silent Circle’s Blackphone have delivered patches; others will have to wait.
Although the vulnerability has yet to be exploited, it is still a real threat that businesses should take seriously. According to Zimperium, an estimated 950 million devices are critically exposed to this threat, which is considered far worse than the “Heartbleed” virus that affected millions of PCs worldwide. To ensure Android users at your company avoid the Stagefright hack, follow these recommended steps from Sophos:
- Contact your phone vendor to see if a patch is available.
- If a patch is not yet available, find out when to expect it so you can be prepared.
- In the meantime, if your messaging app supports it, turn of “automatically retrieve MMS messages.”
- If your phone supports it, also consider blocking messages from unknown users.
- If your messaging app does not allow you to turn off “automatically retrieve messages,” consider reverting back to Android Messaging, which does.
Malware of any kind can disrupt or damage the normal operation of a computer or electronic file system. In addition to keeping operating systems, security patches, and anti-virus software programs updated, the best way for any company to protect their resources is to train personnel on how to avoid common malware threats. Visit the Cyber Threats section of the Knowledge Center for suggested ways to prepare your employees for, steps to respond to, and processes to recover from a malware attack.
For general education on information security, you can also take our Information Security training course. If you have questions regarding ways to safeguard your company against malware or other cyber threats, contact your Customer Success representative.
Marlia Fontaine-Weisse is the Content Manager for Preparis.