Scam of the day – July 31, 2015 – Major vulnerability in Android phones discovered

by | Jul 31, 2015 | Scam of the day, Site Related

The bad news is that Zimperium, a security company discovered a serious vulnerability in Android phones, affecting 95% of the world’s Android phones including various models of the Samsung Galaxy.  The worse news is that the vulnerability which would enable a hacker to steal data from hacked smartphones is found in the Android media playback tool called Stagefright and that depending on the messaging platform used by the individual smartphone user, the text message used to send the malware would not even have to be opened in order for the malware to be downloaded automatically.  For other messaging platforms, the text message would have to be opened for the smartphone to become infected, but even then, it would not be necessary for the video to be viewed to infect the smartphone.  All that would be required would be for the text message to be opened.  The good news is that not only has Zimperium created patches for this problem and sent them to Google, which owns Android software, but that apparently, as of now, this vulnerability has not yet been exploited by hackers.  But that is it for the good news, because software patches for Android system smartphones are not distributed by Google, but by the actual phone makers, such as Samsung, LG and Huawei that use the system and the wireless carriers used by Android phone system consumers and they have not been active in providing the patch which Google has already sent to the phone makers and wireless carriers.  Although, it appears that this vulnerability has not yet been exploited by cybercriminals, it would be naive and foolish to believe that it will take long, now that the vulnerability has been uncovered for hackers to start exploiting it.

TIPS

If you have an Android system smartphone, which 79% of the world’s smartphone users do, you should contact your smartphone company and your wireless carrier to demand the security patch for your smartphone.  Meanwhile, Android users with the Hangouts app for text messaging should be particularly wary of text messages with videos attached because as soon as their phones receive the text message, their smartphone becomes infected without even opening the text message.  However, users of the Hangouts app can go to Settings and chooses SMS and make Hangouts your default SMS app and uncheck the box for “Auto-retrieve MMS.”  This will enable you to screen incoming MMS messages in order to avoid downloading malware.  Those people using the standard Messenger app would need to open the text message before their phones would become infected although, they would not have to watch the video in order for their phone to become infected.