Skip to main content

Yet another Android Stagefright vulnerability has been discovered

Researchers in Israel have found a free tool capable of taking advantage of a vulnerability that affects the Android library used to analyse multimedia files.

Stagefright, a vulnerability discovered last year, allows cybercriminals to execute malicious code through a harmful or compromised website to steal information. As the vulnerability affects mostly Android users, the free tool allows to detect if the device is vulnerable to Stagefright.

A recent paper by NorthBit researcher Hanan Be’er has also found that an exploit known as ‘Metaphor’ can go further to take advantage of the vulnerability in Stagefright, dodging the devices’ defense mechanisms.

The threat operates on Android 2.2 to 4.0 and 5.0 to 5.1. And in the latest versions, it can evade a functionality used to hamper the proper operation of exploits.

The exploit is able to send information about the device right after the victim lands on a malicious site that causes the crash of the multimedia server of Android.

The attacker’s private server then creates a custom video file and sends it to the device, which exploits Stagefright to reveal more information about the device’s internal state as well as the privileges needed to spy on the user.

According to the analysis, the exploit “works best on Nexus 5 devices” and “was also tested on HTC One, LG G3, and Samsung S5 devices, although the exploit was slightly different on these brands.”

The exploit, however, is found to have limited scope and users are advised to keep up to date with the latest news and download patches when released by the provider.

Photo credit: Kirill__M / Shutterstock