Stagefright malware, two words that Android users are probably tired of hearing but like a gnat just will not leave them alone. Stagefright malware has hit Android phones in the past, several times in fact, with fixes put in place by Google fairly quickly. This latest version allows hackers to access an Android phone’s data and control key portions of the operating system. The mainstream media headlines are doom and gloom as usual, warning users they are under attack and billions of people are affected. While it’s true that a large majority of Android phones could fall prey to a hacker using the Stagefright malware, these instances have been few and far between. That’s not to say you shouldn’t be worried, just that statistically you’re likely safer than the media makes you out to be.
“Android devices with a security patch level of October 1, 2015 or greater are protected because of a fix we released for this issue (CVE-2015-3864) last year. As always, we appreciate the security community’s research efforts as they help further secure the Android ecosystem for everyone.” -Google statement-
This new Stagefright malware has been dubbed “Metaphor” and Nexus users are likely to have this all patched up and fixed quickly. Generally it’s the OEM Android makers who tend to lag behind in updates and security patches.
“The key is a back-and-forth procedure that gauges a device’s defenses before diving in. Visit a website with a maliciously-designed MPEG-4 video and the attack will crash Android’s media server, send hardware data back to the attacker, send another video file, collect additional security data and deliver one last video file that actually infects the device.
The important thing to understand about all these malware’s and security flaws is, no mobile operating system is unbreakable and simply using a mobile device opens you up to hackers. Google and Apple are both pretty diligent in keeping security a top priority for their users and you basically leave your security control at the door when you use one of their products. Hopefully Android OEMs will get on the ball for this version of the Stagefright malware and get things patched up for all users sooner than later.
Let us know your thoughts on this latest Android security scare in the comments below or on Twitter, Facebook and Google+.