Connect with us

Hi, what are you looking for?

Capital Business
Capital Business

Technology

Android flaw lets hackers break in with a text message

Android

Cyber security firm Zimperium has warned of a flaw in the world’s most popular smartphone Android operating system that lets hackers take control with a text message.

“Attackers only need your mobile number, using which they can remotely execute code via a specially crafted media file delivered via MMS (text message),” Zimperium Mobile Security said in a blog post.

“A fully weaponized successful attack could even delete the message before you see it. You will only see the notification.”

Android code dubbed “Stagefright” was at the heart of the problem, according to Zimperium.

Stagefright automatically pre-loads video snippets attached to text messages to spare recipients from the annoyance of waiting to view clips.

Hackers can hide malicious code in video files and it will be unleashed even if the smartphone user never opens it or reads the message, according to research by Zimperium’s Joshua Drake.

“The targets for this kind of attack can be anyone,” the cyber security firm said, referring to Stagefright as the worst Android flaw discovered to date.

“These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited.”

Malicious code executed by hackers could take control of smartphones and plunder contents without owners knowing.

Advertisement. Scroll to continue reading.

Stagefright imperils some 95 percent, or an estimated 950 million, of Android phones, according to the security firm.

Zimperium said that it reported the problem to Google and provided the California Internet firm with patches to prevent breaches.

“Google acted promptly and applied the patches to internal code branches within 48 hours, but unfortunately that’s only the beginning of what will be a very lengthy process of update deployment,” Zimperium said.

It did not appear as though hackers had taken advantage of the Stagefright vulnerability, according to Zimperium.

Updating Android software powering mobile devices is controlled by hardware makers and sometimes telecommunication service carriers, not Google.

While Apple controls the hardware and software in iPhones, iPads, and iPods powered by its mobile operating system, Google makes Android available free to device makers who customize the code and update it as they see fit.

More about Drake’s research was to be disclosed at a Black Hat computer security conference taking place in Las Vegas early in August.

Click to comment
Advertisement

More on Capital Business

Executive Lifestyle

NAIROBI, Kenya, Mar 12 – The country’s super wealthy individuals are increasing their holding of bonds, gold and cash, a new report by Knight...

Ask Kirubi

NAIROBI, Kenya, Mar 9 – Businessman and industrialist Dr. Chris Kirubi has urged members of the public to exercise extreme caution when making any...

Ask Kirubi

NAIROBI, Kenya, Mar 24 – Businessman and industrialist Dr. Chris Kirubi is set to own half of Centum Investment Company PLC, following a go-ahead...

Ask Kirubi

It is without a doubt that the COVID-19 pandemic has caught the whole world by surprise. Although its full impact is yet to be...

Headlines

NAIROBI, Kenya, Mar 18 – Commercial Banks have been ordered to provide relief to borrowers on their personal loans, with loans eligible from March...

Kenya

NAIROBI, Kenya, Jun17 – Kenya’s tea leaves manufacturer Kericho Gold, has been awarded the Superbrands Seal by Superbrands East Africa for their quality variety...

Coronavirus

NAIROBI, Kenya, Apr 13 – As the local telecommunications industry gears up to roll out 5G networks in the country, the Communications Authority of...

Coronavirus

NAIROBI, Kenya, Mar 22 – Airtel Kenya is offering free internet access for students in order to enable continued learning at home in the...