Quake3World.com Forums
     General Discussion
        Android Spying


Post new topicReply to topic
Login | Profile | | FAQ | Search | IRC




Previous topic | Next topic 
Topic Starter Topic: Android Spying

The World is Yours...
The World is Yours...
Joined: 03 May 2007
Posts: 1138
PostPosted: 10-22-2015 09:43 PM           Profile Send private message  E-mail  Edit post Reply with quote


Has anyone heard about a new Android spyware called 'Stage Freight'? I figured if anyone knew it was you folks.



_________________
Be sure your sin will find you out...


Top
                 

Cool #9
Cool #9
Joined: 01 Dec 2000
Posts: 44131
PostPosted: 10-22-2015 11:24 PM           Profile   Send private message  E-mail  Edit post Reply with quote


fuck'n lol :olo:




Top
                 

Karot!
Karot!
Joined: 31 Jul 2001
Posts: 19348
PostPosted: 10-23-2015 03:20 AM           Profile Send private message  E-mail  Edit post Reply with quote


Never heard of it, but 1 minute of googling tells me it works by receiving a MMS.

Don't think i've ever received one of those seeing as they were practically outdated by the time they were invented, so yeah, not too worried.



_________________
io chiamo pinguini!


Top
                 

Cool #9
Cool #9
Joined: 01 Dec 2000
Posts: 44131
PostPosted: 10-23-2015 03:35 AM           Profile   Send private message  E-mail  Edit post Reply with quote


Ok, lol, I'll spill.

It's actually called "Stagefright" and it's not spyware but the name of an Android library that is used to (among other things) draw previews of media items in the notification area. There is a bug in this library that allows an attacker to send harmful content disguised as an image to a victim. One way of delivering such a payload is through MMS, but that's not the only way (I believe WhatsApp is susceptible to such attacks as well). Once deployed, the payload can, without user interaction, grant the attacker access to certain parts of Android that normally would be off limits.

The bug has been fixed some time ago in Android, but the real problem is that very few handset manufacturers roll out updates to fix such problems. Therefore it's very well possible that your phone is still vulnerable to such attacks.

You can use the Zimperium Stagefright detector to determine if your phone is vulnerable to attacks. If so, it could be wise to disable MMS and disable automatic media downloads in apps such as WhatsApp, Google Hangouts or other applications that can receive media items from strangers.




Top
                 

Karot!
Karot!
Joined: 31 Jul 2001
Posts: 19348
PostPosted: 10-23-2015 04:22 AM           Profile Send private message  E-mail  Edit post Reply with quote


Cheers man. I appear to be vulnerable! :(

Disabled auto media downloads in whatsapp, don't think i have any other stuff that can auto download things from strangers.



_________________
io chiamo pinguini!


Top
                 

Cool #9
Cool #9
Joined: 01 Dec 2000
Posts: 44131
PostPosted: 10-23-2015 04:54 AM           Profile   Send private message  E-mail  Edit post Reply with quote


Note that Stagefright consists of several issues identified as individual CVE's. These CVE's are displayed by Zimperium's testing tool. CVE-2015-6602 and CVE-2015-3876 were added to the detector at a later stage. Stagefright contained a similar bug for both images and audio files. Initially only the bug for images was identified and patched in Android and only at a later time the audio exploit was fixed. So if the aforementioned CVE's are the only ones in red, then your phone did receive the update to fix the problem with images but not with audio files. There's a good chance your phone will receive a fix for the audio problem as well then.




Top
                 

Risen From The Ashes
Risen From The Ashes
Joined: 03 Aug 2000
Posts: 26774
PostPosted: 10-24-2015 02:51 AM           Profile Send private message  E-mail  Edit post Reply with quote


My phone's vulnerable but I'm really not bothered. I think the chances of actually getting hit by this are pretty slim anyway :shrug:.




Top
                 

Etile
Etile
Joined: 19 Nov 2003
Posts: 34898
PostPosted: 10-24-2015 07:21 AM           Profile Send private message  E-mail  Edit post Reply with quote


"chances are pretty anyway"

weeell, maybe pretty so :p




Top
                 

Risen From The Ashes
Risen From The Ashes
Joined: 03 Aug 2000
Posts: 26774
PostPosted: 10-24-2015 10:04 AM           Profile Send private message  E-mail  Edit post Reply with quote


Ninja mod edit completed :p.




Top
                 
Quake3World.com | Forum Index | General Discussion


Post new topic Reply to topic


cron
Quake3World.com
© ZeniMax. Zenimax, QUAKE III ARENA, Id Software and associated trademarks are trademarks of the ZeniMax group of companies. All rights reserved.
This is an unofficial fan website without any affiliation with or endorsement by ZeniMax.
All views and opinions expressed are those of the author.