A not so new bug called Stagefright, that affects Android devices has been discovered by security researchers. The bug leaves millions of Android devices at risk of attack.
The research company, NorthBit, a software research company based in Israel, claims it had exploited the bug which was previously discovered as the “worst ever discovered” bug. They published their results and showed a video of the exploitation the bug on a Nexus 5. The company also said it had tested on the LG G3, HTC One and a Samsung Galaxy S5. The exploitation the company used is called Metaphor.
Gil Dabah who is the co-founder of the research company told the reporters that if left the exploit could be altered to cause more damage. He stated that if people did not upgrade to the latest updates then they were at a higher risk to get more affected. The bug affects Android 5 or 5.1 devices mostly of which they constitute 36 percent of the 1.4 billion active Android phones on the market. In a statement he said, “our research managed to get it to the level of production grade, meaning that everyone – both the bad guys and good guys, or governments- could use our research to facilitate it in the wild.”
Stagefright was first discovered in July 2015 by a security firm named Zimperium. The bug is able to execute remote code on Android devices and is possible to affect 95 percent of Android devices. Another version called the Stagefright 2.0 was found again in October which was said to be able to exploit issues with .mp3 and .mp4 files. The bug itself is a software library which is built inside the Android operating system. When a user receives an MMS message and the video is composed in the correct way it can trigger the malicious code which is already in the device.
During the time the bug was found Google released a security update, addressing the Stagefright issue. They also promised a patch of regular security updates for all Android devices in due course. But in light of the new version of the Stagefright bug, they have not yet commented yet and efforts to reach them were futile.
The research team say that the Stagefright can only affect Android 2.2, 4.0, 5.0 and 5.1. Other versions are safe for now. He says they managed to bypass a way, address space layout randomization (ASLR), a memory protection process which is available on Android 5.0 and 5.1 but not on 2.2 and 4.0.
After bypassing the ASLR, the video then shows one user opening a link sent in a message before the exploit sends mounds of data to the hackers computer. The chairman of Zimperium said that the research done by NorthBit showed that the scope of vulnerable Androids had increased. “I would be surprised if multiple professional hacking groups do not have working Stagefright exploits by now. Many devices out there are still vulnerable, so Zimperium has not published the second exploit in order to protect the ecosystem,” he said.
NorthBit’s report is enough to give hackers another way to complete exploit using the Stagefright bug. More and more security updates have to be released.