A failure of Google Android operating system, which operate most brands of smart phones, can allow hackers take control of the devices with a message text , warned on Monday the security company Zimperium.
“The attackers need only phone number , and using it can run remote programs through a file specially designed for it and delivered by MMS “, a text message with multimedia content such as video, explains Zimperium in your blog.
The company said the message used to attack it can also be destroyed before the owner of the smartphone to read, according to findings of one of its leaders of research teams Joshua Drake.
The flaw is in a feature called “ Stagefright “video files attached to the texts are automatically downloaded to prevent recipients have to wait for them.
However, the pirates can hide programs malicious in these video files, and would be activated even if the recipient does not read the message, details Zimperium.
“These faults are extremely dangerous because they need a action of the victim to be detonated, “warns the company.
According Zimperium, 95% of smart phones operate with Android, that is, about 950 million sets are at risk . However, it seems that hackers have not taken advantage of the flaw yet.
The company Zimperium said he had informed Google of the problem and provided security patches to correct the error, “but unfortunately this is only the beginning of what will be a long process of renovation “he said.
The Android updates on devices that use the software are controlled by handset manufacturers and sometimes by telephone operators.
More details of the investigation of Joshua Drake must be disclosed at the conference on security Black Hat in Las Vegas in early August.
No comments:
Post a Comment