Security researchers at Zimperiumhave some problem for Android users out there who frequently send and get multimedia messages. According to the scientists, a major security hole exists in the Android platform which might potentially allow malicious people to get to a device by simply sending out a relatively innocent text message to the targeted number.
Android is presently the most popular mobile os on the world, making up around 80 % of smartphones around, so it isn’t really challenging to understand why this is a severe cause for concern.
The ability to exploit the vulnerability within the Android platform is so severe that an assailant might take control of the device from a remote area before the phone even has a opportunity to notify the user of an inbound text. According to Zimperium scientist Joshua Drake:
This occurs even before the sound that you’ve received a message has actually even occurred. That’s exactly what makes it so dangerous. It might be definitely quiet. You may not even see anything.
Drake, who is likewise the co-author of the Android Hacker’s Handbook, goes on to explain that the susceptability can be exploited via a reasonably easy piece of malware hidden within a deliberately produced, but apparently innocent video sent through multimedia text. Among the primary concerns for Drake is the truth that the native Hangouts application immediately processes videos gotten by the device guaranteeing that the user experiences no lost time when loading the video. Unfortunately for Android this technique “invites the malware right in”.
Things aren’t as terrifying if you actually make use of the native Messages app within Android as this in fact needs the user to open the app prior to the malware within the attachment can be processed and performed. With that said it deserves noting that neither case actually needs the embedded media to be by hand opened and seen. If this type of message is received and processed then it basically allows the assailants access to anything. They would be able to view the device electronic camera, eavesdrop on the microphone, as well as copy and erase data from the device as they please.
Drake and his Zimperium team have currently submitted patches to Google for repairing this susceptability, which have been accepted and will likely filter through to brand-new versions of Android. Whether the fix makes it through to your device in an appropriate time duration is entirely reliant on the hardware maker and when they roll out the upgraded version of Android for your certain device.