By now we’ve all heard of the Stagefright bug and Google’s monthly security updates initiative. What’s not so well-known is that the Stagefright exploit had been largely unreliable in its implementation, leaving no real cause for alarm – until recently that is.
Security researchers at NorthBit have apparently developed a reliable method of delivery for the exploit and can do so much faster than you’d expect.
Dubbed “Metaphor”, the new method probes your devices security defenses before actually attacking. Using specially crafted MPEG-4 videos, the exploit crashes Android’s media server then sends device information back to the attack server before sending the next file that gathers more sensitive data and alerts the server that the final delivery, the actual exploit, is safe to send.
This can all take place is as little as 20 (yes, twenty!) seconds.
This is not immediate cause for concern, though, as the exploit has not been seen in the wild, and users who have taken updates since October 1, 2015 are unaffected by this method. Rooted users, especially those using AOSP or Cyanogen sourced ROMs are likely unaffected as well. So, if you’ve wanted to try something new, or are worried about being a victim, this is justification for flashing that new ROM, so enjoy!
EpicDroid is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com. As an Amazon Associate I earn from qualifying purchases.
Carl is an Android enthusiast that got his start with an HTC Hero. Quickly tiring of not being able to change certain things about the device, he sought out the means to do what he wanted; Enter XDA Developers. After spending immense amounts of time on the forums learning, building and sharing, Carl decided to pursue higher education to increase his understanding and focus on a direction in the mobile world. Primarily focusing on security and privacy, Carl intends to gain his CEH and Reverse Engineer malware.