Buzz
Researchers at Zimperium zLabs have identified a vulnerability bearing striking similarities to Stagefright - Android's largest security flaw - which was discovered back in July. Thus, they've named it Stagefright 2.0.
Stagefright 2.0 persists in Android devices dating back to the first version in 2008. Simply by utilizing the preview feature to listen to an MP3 or watch an MP4 video containing special code, hackers can gain access to the device and remotely alter the code to monitor all information within the device.
Users may be tricked into opening links that activate the preview feature on Android, or the flaw can be easily exploited if the hacker and victim are using the same Wi-Fi network, such as at a cafe.
This flaw has been reported to Google by security experts, and the search giant has sent updates to Android manufacturers. They will also fix the flaw in the Nexus line through a patch on October 5th.
Stagefright, previously labeled by Forbes as Google's most severe security vulnerability, allows hackers to install malicious code without requiring any user interaction. By sending a media file containing an exploit via MMS, hackers can take control of the device. Once infiltrated, hackers gain access to applications such as audio, camera... enabling them to eavesdrop on calls or monitor the device's surroundings.
If events unfold as described, it would indeed be a disaster for Android devices. Hopefully, developers will soon find a way to extinguish this situation.
