“The most dangerous in the history of mobile OS” vulnerability discovered in the Android OS expert in the field of computer security Joshua Drake of Zimperium. In order to crack the smartphone, the intruders need to know the telephone number of the victim. The vulnerability hiding in Stagefright – staffing tool for playback of multimedia files, and therefore even a simple MMS may result in action by the malicious code.
The affected component is used to automatically generate thumbnails, extracting metadata of video and audio. Just enough to get the infected file via MMS or copy within the file system. In the first case, the user will not even know how it was hacked his device, because MMS can come at night in silent mode, and the malicious code will remove any mention of the message.
“This can happen even before you hear the sound alert,” said Drake. – This is what makes this vulnerability so dangerous. Infection can occur in absolute silence. You will learn nothing”.
Google is already aware of this problem and has already sent its hardware partners with the appropriate fix. The thing is that the update of Android smartphones is very slow, but because 95% of these devices are still in the risk zone.
Vulnerability is the deadliest ever discovered on the Android platform. Estimated Zimperium about 950 million devices gadgets at risk of burglary. It is both old and new smartphones from Samsung, HTC and other hardware partners Google.
Apparently, the majority of users “phones” will remain vulnerable, because the flaw affects Android versions from 2.2 and above that will never receive updates.