StageFright – How to Protect Yourself from it

Experts Found a Unicorn in the Heart of Android

Attackers only need your mobile number, using which they can remotely execute code via a specially crafted media file delivered via MMS. A fully weaponized successful attack could even delete the message before you see it. You will only see the notification. These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited. Unlike spear-phishing, where the victim needs to open a PDF file or a link sent by the attacker, this vulnerability can be triggered while you sleep. Before you wake up, the attacker will remove any signs of the device being compromised and you will continue your day as usual – with a trojaned phone.

These issues in Stagefright code critically expose 95% of Android devices, an estimated 950 million devices.
Android and derivative devices after and including version 2.2 are vulnerable.

Disable MMS Auto-Retrieve to Prevent Attacks

Since the exploit works by sending an MMS that is automatically downloaded by your phone, the only way to prevent this attack is to set your phone to not automatically download MMS messages. The drawback here is that you’ll have to tap future MMS messages to download them manually, but it’s a small price to pay for security.

How to Protect Your Android Device From StageFright Exploit

Tell Your Friends: How to Protect Yourself from Android’s Biggest Security Flaw in Years

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: