STAGEFRIGHT Still Remains A Threat To Millions of Android Users.

By -

Stagefright hack, which was recently patched by Android and partner OEMs, is still a valid threat for unpatched devices. Israeli security researchers at Northbit, a security firm, claim to have further exploited that hack and have devised a method to hack any unpatched Android device. The group has successfully tested the exploit on a LG G3, HTC One and a Samsung Galaxy S5. Northbit has named the exploit Metaphor and published a PDF that gives full details of the exploit, its workings and how one can make it.

Northbit was also able to bypass ASLR (address space layout randomisation) that was re-introduced with Android Lollipop. The researchers wrote in the paer, “Although the bug exists in many versions (nearly a 1,000,000,000 devices) it was claimed impractical to exploit in ­the ­wild, mainly due to the implementation of exploit mitigations in newer Android versions, specifically ASLR” . 

"The team here at North-Bit has built a working exploit affecting Android versions 2.2 ­to 4.0 and 5.0 to 5.1, while bypassing ASLR on versions 5.0 ­to 5.1 (as Android versions 2.2 to 4.0 do not implement ASLR," the paper states. Northbit has shared a video showcasing how fast the exploit can hack a victim’s Android device.

Stagefright itself is a software library, which is coded in C++ and lives inside the Android ecosystem. It is used by Android to parse videos and other media. The Stagefright vulnerability was first cited in 2015 by Zimperium mobile security, and made about 95% of the Android devices vulnerable. Since then only a few devices have received software patches but a majority of Android devices remain vulnerable.

Comments

Post a Comment

Popular posts from this blog

Report Suggests Apple iPhone XI to sport Long Distance 3D Camera Calling support.

By -
Image
The next gen camera technology has been in talks for some time now and Sony has been burning night hours in making it ready for mass productions. According to talk between Sony and BloombergQuint, The Sony will be soon be boosting their 3D Camera sensors after getting positive response from the customers and positive response from the market. The Apple Inc. is one of their customers. This new tech may result in huge improvements and a revolution in the smartphone photography. Some rumours also suggest that the Apple is planning to implement augmented reality features to its future Flagships and the future flagships may come with tri-camera setup. And from the rumours one can anticipate that these new camera features will be used to draw potential customer in the year 2019 by Apple Inc.  But the plans may or may not succeed as the most awaited and most anticipated feature the market has been waiting for the year 2019 is the smartphones and flagships with 5G connect...
Read more

Hack WPA/WPA2 WPS Wifi Hack

By -
Image
When it was known that a WEP network could be hacked by any kid with a laptop and a network connection (using easy peasy tutorials like those on our blog), the security guys did succeed in making a much more robust security measure WPA/WPA2. Now hacking WPA/WPA2 is a very tedious job in most cases. A dictionary attack may take days, and still might not succeed. Also, good dictionaries are huge. An exhaustive bruteforce including all the alphabets (uppercase lowercase) and numbers, may take years, depending on password length. Rainbow tables are known to speed things up, by completing a part of the guessing job beforehand, but the output rainbow table that needs to be downloaded from the net is disastrously large (can be 100s of GBs sometimes). And finally the security folks were at peace. But it was not over yet, as the new WPA technology was not at all easy for the users to configure. With this in mind, a new security measure was introduced to compliment WPA. Wifi Protected Set...
Read more

Affordable Galaxy Home Smart Speakers from Samsung Powered by Bixby

By -
Image
Image Credit: Samsung Recently Samsung introduced their Galaxy Home Smart Speakers powered by Bixby Assistant from Samsung and it is yet to hit the market, but rumours about them planning an affordable version of the speakers which will also be powered by their voice assistant Bixby. Although the full specification of the speaker is not yet known it is expected to have less features being the affordable one than the pricier one i.e. the Galaxy Home Smart Speakers. This could most likely be their strategy as the Galaxy Home Speaker may compete with the Apple HomePod which cost somewhere around 349 USD but for Samsung to compete with more affordable speakers available in the market like Google Home and Amazon Echo which are available at less than 200 USD or so they had to take this approach. Even though the launch Is not yet confirmed, for Samsung to be able to compete in this niche they will have to focus on the potential customers who opt for more affordable kind of appro...
Read more