What is Stagefright? and How to Overcome It - nikeoutletonline.net
29 May 2023

Latest posts by Tech.id Media ( Aldy ) (see all)

What is Stagefright? and How to Overcome It

Stagefright A Terrible Threat For Android Users

A team of researchers from security company Zimperium zLabs managed to find a bug that threatens Android users. The results of their research revealed that 95% of the total Android devices in circulation could be easily hacked through this bug. In fact, it only takes one text message (SMS) to hack an Android device. The bug is named Stagefright. The danger is, these security holes can steal data on Android devices without the user’s knowledge. Stagefright is entered by hackers from video content sent via MMS and instant messaging services, such as Hangouts. The video will be processed automatically and immediately infect the device with malicious files without needing to be opened. The Best Canon DSLR Camera for Beginners


What is Stagefright?

Actually, the name Stagefright itself is related to the mechanism of the Android operating system in processing video content received via MMS and instant messaging applications. So, so that the video file received earlier is opened more quickly by the user, the Android operating system (OS) is assisted by a mechanism called libStagefrigt. But unfortunately, the libStagefright mechanism actually endangers its users, because video files will be processed automatically by the Android OS without the user’s knowledge. And apparently, libStagefright has been implemented on the Android OS since version 2.2 Froyo to 5.0 Lollipop. Xiaomi vs Samsung Which is Good

This is what causes many parties to believe that the number of devices affected by the Stagefright attack has exceeded the 950 million mark worldwide. To make matters worse, the vulnerability has now evolved into Stagefright 2.0, which can spread via web links. Worse, if infected, the Android device can be remotely controlled by hackers and the data in it can be accessed. Unlike the first version, in this new generation, hackers need user involvement to inject devices with malware via Stagefright. In order for the malware to infect the device, the user must open a web link that is sent. This new version is even claimed to be more ferocious than the previous generation. The reason is, Stagefright 2.0 can infect Android devices from version 1.0 and above, whose population is estimated at 1.4 billion.

Spread Through MP3 Files

Still according to the findings of Zimperium zLabs, the Stagefright 2.0 security hole can also be used by hackers to spread malicious programs only via MP3 audio files and MP4 video files. Malware that rides on MP3 and MP4 files can be injected into devices without needing to be played. These dangerous MP3 and MP4 files are usually obtained by Android users through sites that are deliberately built by hackers. Hackers can also inject malicious programs via MP3 and MP4 files to retrieve user data and control devices. The danger is, to infect and enter the Android device system, these MP3 and MP4 files don’t need to be played or played. Only by previewing the MP3 and MP4 files, hackers can easily access the Android device code and steal data and control it remotely.

Against Stagefright

In response to this growing hot issue, Google also spoke up, that 90 percent of Android devices are equipped with a security system called Address Space Layout Randomization (ASLR). This ASLR will intelligently randomize data processing memory locations in the Android operating system. The presence of this security system will make it difficult for hackers to exploit data on Android devices. This security system itself has been implemented by Google since version 4.0 Ice Cream Sandwich and above. Not only that, Google, which is already aware of this security hole, has also prepared a patch or patch. You can also easily find dozens of Stagefright antidote applications on the Google Play Store, such as Stagefright Detector, ESET Stagefright Detector, Stagefright Detector Exp (Scan), and so on.

Source: MagazineMos.com

Leave a Reply

Your email address will not be published. Required fields are marked *