Security researchers have revealed a security flaw in 95 percent of Android phones that could let hackers access them remotely via a text message without an owner knowing.
Cybersecurity firm Zimperium reports that it found numerous vulnerabilities in the Android framework. The company plans to present its research at the Black Hat 2015 security conference and Def Con in August.
Merely by using a person’s telephone number, hackers can send a media file that takes over the phone as soon as its received, even before the user hears a sound that the message was received, according to Zimperium researcher Joshua Drake, cited by NPR.org.
The targeted user does not even have to play the attached video which hides the malware for it to work.
Once attackers have access to the phone, they can copy data, delete it, take over your microphone and camera, and follow a user’s every move.
Zimperium found the vulnerability via its media library, Stagefright, which it uses to process media files.
The company says the vulnerability affects just about every Android phone out there. About 80 percent of smartphones run Google’s Android operating system.
Although Zimperium sent Google patches for the bugs, which it accepted, the company warns that as few as 20 percent of phones will actually be fixed due to problems getting manufacturers to install them.
For more see: Major flaw in Android Phones (http://www.npr.org/sections/alltechconsidered/2015/07/27/426613020/major-flaw-in-android-phones-would-let-hackers-in-with-just-a-text).
Zimpeium: https://www.zimperium.com/company
