Android phones at risk from simple text hack!!! - BNA iTech


Post Top Ad

Post Top Ad

Monday, July 27, 2015

Android phones at risk from simple text hack!!!

2013 to 2015, more than 2.3 billion Android devices shipped around the worldwide. Security firm BNA Softwares says this vulnerability could affect 95 percent of them.
Samsung retained its No:1 leadership in the worldwide smartphone market with a 22.6% share in 2015 Q2. 

2015 Q222.6%14.1%7.8%6.3%4.9%62.7%
2014 Q226.8%12.8%5.10%5.1%7.0%46.3%
2013 Q233.2%11.9%4.27%1.2%5.7%51.6%

A security research company claims to have found a vulnerability baked into Android that could.

Malicious hackers could take advantage of it by sending to an Android device a simple text message that, once received by the smartphone, would give them complete control over the handset and allow them to steal anything on it, such as credit card numbers or personal information.
Android Phone at risk
And that is potentially a lot of mobile phones. In 2013 To 2015, over 2.3 billion Android devices shipped worldwide, according to researcher Strategy Analytics, which expects the number to rise in 2015 and beyond. 
A Google spokeswoman said that those intermediaries are armed with the patches they need to safeguard devices, though she did not offer specifics on which were ready to push those changes through, or when that might happen.
Android HackerGoogle Android software has been highly susceptible to security flaws for years, in part because of the open design that makes it popular as an alternative to Apple's iOS, the software that underlies the iPhone and iPad. In the first quarter, 97% percent of mobile malware targeted Android devices, according to security firm Lookout Security. 

The security of Android users is extremely important to us and so we responded quickly and patches have already been provided to partners that can be applied to any device, the Google spokeswoman said. "Most Android devices, including all newer devices, have multiple technologies that are designed to make exploitation more difficult. Android devices also include an application sandbox designed to protect user data and other applications on the device."

How the vulnerability gets exploited?

The malware that would exploit the Android vulnerability hides inside a short video sent to a person's phone number, according to NPR, which reported on the bug Monday. As soon as the malicious text is received, features built into Stage fright to reduce lag time for viewing videos process the video to prepare it for viewing. That processing apparently is enough for bad guys to get their hooks into the platform and take control.
Your Phone HackedTo compound the threat to Android devices, Google is largely powerless when it comes to actually getting patches to users. Phone makers including Samsung, LG and Huawei, as well as wireless carriers, all have control over how updates are sent to products.
Once Android is bundled into a product, it's typically been modified by those third parties. When security updates are required, Google can only send out a patch and after that, it's up to the phone 
maker or carrier to push those updates to phones.
Exactly when the device might be exploited depends on the messaging platform a person employs. Those using the standard Messenger app built into Android would need to open the text message (but not necessarily watch the video) to fall victim to the trap. Those who are running Google's Hangouts app to handle text messaging, however, need not even open the application, according to Zimperium. As soon as Hangouts receives the text, it processes the video and the hacker is in. (The Google's Play app marketplace says Hangouts has been downloaded between 1 billion and 5 billion times.)
Acknowledging that Android has become a destination for malware, Google in June announced a rewards program that pays researchers cash for finding bugs and holes that may be exploited in the operating system.

Post Top Ad