Stagefright 2.0 Vulnerability Compromised 1 Billion Android Phones With Hoaxer Audio Files

Stagefright  vulnerability was first discovered in April, the vulnerability allowed attackers to target Android phones over text or MMS, exploiting a weakness in Android’s multimedia preview function. And after three months its happening again, this time the bugs has new name – Stagefright 2.0.

The same team, Zimperium Mobile Threat Protection, zLabs VP of Research Joshua J. Drake again found a set of another two vulnerabilities and bug named Stagefright 2.0. The new vulnerability is attacking Android phones by encoding a malicious program into an audio file, delivered over mp3 or mp4. Once a user previews the file or visits a page where that file is embedded, Android’s audio preview will activate the program, infecting the device. And the worst part is he virus can also be deployed by an attacker on a public Wi-Fi network.

Also See : [p2p type=”slug” value=”major-security-flaw-in-android-lollipop-smartphone” attributes=”target=’_blank'”]Major Security Flaw In Android Lollipop Allows Anyone To Unlock Your Smartphone[/p2p]

The vulnerability lies in the processing of metadata within the files, so merely previewing the song or video would trigger the issue. One of the exploits –assigned a Common Vulnerabilites and Exposures (CVE) number of CVE-2015-6602 – reportedly affects Android devices from 1.0 above, the second, unnumbered vulnerability affects devices running 5.0 and above.This second vulnerability may also affect third-party applications due to the issue being found within the libstagefright library used by some media players.

Also See : [p2p type=”slug” value=”virus-in-candy-crush-and-other-popular-games-attacking-android-users” attributes=”target=’_blank'”]Virus In Candy Crush And Other Popular Games Attacking Android Users[/p2p]

According to Motherboard,  Zuk Avraham, Zimperium zLabs’ founder and Chief Technology Officer, said that 1.4 billion people are likely affected by the vulnerabilities, explaining, “I cannot tell you that all of the phones are vulnerable, but most of them are.”

Google’s latest Android operating system, Marshmallow, will reportedly carry the fix for the issue, though older devices that cannot be updated to Android Marshmallow may end up being stuck with vulnerabilities inside them.

Also See : [p2p type=”slug” value=”ransomware-porn-app-attacking-android-users” attributes=”target=’_blank'”]Ransomware In The Form Of A Fake Porn App Attacking Android Users[/p2p]

Sabarinath is the tech-savvy founder and Editor-in-Chief of TechLog360. With years of experience in the tech industry and a computer science background, he's an authority on the latest tech news, business insights, and app reviews. Trusted for his expertise and hands-on tips for Android and iOS users, Sabarinath leads TechLog360 with a commitment to accuracy and helpfulness. When not immersed in the digital world, he's exploring new gadgets or sharing knowledge with fellow tech enthusiasts.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream