Major Flaw In Android Phones Would Let Hackers In With Just A Text
July 27th, 2015For Samsung users: Since the payload is in video files, how about unchecking “Auto retrieve” in Multimedia messages in the Samsung Messages app settings? Am I right?
Via: NPR:
Android is the most popular mobile operating system on Earth: About 80 percent of smartphones run on it. And, according to mobile security experts at the firm Zimperium, there’s a gaping hole in the software — one that would let hackers break into someone’s phone and take over, just by knowing the phone’s number.
Just A Text
In this attack, the target would not need to goof up — open an attachment or download a file that’s corrupt. The malicious code would take over instantly, the moment you receive a text message.
“This happens even before the sound that you’ve received a message has even occurred,” says Joshua Drake, security researcher with Zimperium and co-author of Android Hacker’s Handbook. “That’s what makes it so dangerous. [It] could be absolutely silent. You may not even see anything.”
Here’s how the attack would work: The bad guy creates a short video, hides the malware inside it and texts it to your number. As soon as it’s received by the phone, Drake says, “it does its initial processing, which triggers the vulnerability.”