A failure of the Android operating system from Google , with operating most brands of smart phones, can allow hackers to take control of the devices with a text message, he warned on Monday Zimperium security company.
“The attackers need only your phone number, and using it can run remote programs via a specially crafted file for it and delivered by MMS”, a text message with multimedia content such as video, Zimperium explains in his blog.
The firm said the message used for the attack also can be destroyed before the owner of the smartphone to read , according to findings of one of its leaders of research teams, Joshua Drake.
The flaw is in a feature called “Stagefright” , video files automatically download attachments to texts to prevent recipients have to wait to see .
However, hackers can hide malicious programs in these video files, and would be activated even if the recipient does not read the message, details Zimperium.
“These faults are extremely dangerous because they do not require action by the victim to be detonated,” warns the company.
According Zimperium, 95% of smart phones operate with Android, which means that about 950 million sets are at risk. However, it seems that hackers have not been exploited the flaw yet.
The company Zimperium said he had informed Google of the problem and provided security patches to correct the mistake, “but unfortunately this is just the beginning of what will be a very long process of renovation” , he said.
Android updates on devices that use the software are controlled by handset makers and sometimes by telephone operators.
More details of the investigation of Joshua Drake must be disclosed in the computer security conference Black Hat in Las Vegas in early August.
No comments:
Post a Comment