Recently a pretty serious android vulnerability was disclosed for Android Phones. The vulnerability, referred to as “Stagefright”, allows for a hacker to access your phone by sending you videos via text message (MMS).
To help mitigate the threat, I suggest everyone disable auto-retrieve in their MMS messaging apps and disable auto playing of videos where they can; web browsers and possibly apps like Facebook and Twitter. Most of all don’t click on text messages from people you don’t know.
The person who found the vulnerability has only released one attack but says he will demonstrate multiple methods at DefCon and Black Hat hacking conferences this year. One of the methods he claims is a malicious webpage.
It looks like Firefox has already posted a security fix, starting with version 39. Some other individual apps may provide their own fixes as well.
There is only one way to fix this vulnerability and that is with an Android patch that has been released to the vendors but it is up to the vendors to send the update to your phones which none have yet.
Messaging apps vary on Android phones, so search online to find exactly how to disable Auto Retrieve on your phone. On many apps it’s under Settings -> Advanced.
For the Samsung Galaxy 6 Messages app select: More -> Settings -> More Settings -> Multimedia messages and turn off Auto Retrieve.
With the outbreak of the “stagefright” bug in Android phones, WCHS Eyewitness News wanted to consult an expert on security. So they reached out to Advantage Technology. Watch as Jason Martin speaks with Stefano DiPietrantonio with about the threat.
