Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.


Android flaw lets hackers break in with a text message

28 July 2015, 09:13

San Francisco-Cyber security firm Zimperium on Monday warned of a flaw in the world's most popular smartphone operating system that lets hackers take control with a text message.

"Attackers only need your mobile number, using which they can remotely execute code via a specially crafted media file delivered via MMS (text message)," Zimperium Mobile Security said in a blog post.

"A fully weaponized successful attack could even delete the message before you see it. You will only see the notification."

Android code dubbed "Stagefright" was at the heart of the problem, according to Zimperium.

Stagefright automatically pre-loads video snippets attached to text messages to spare recipients from the annoyance of waiting to view clips.

Hackers can hide malicious code in video files and it will be unleashed even if the smartphone user never opens it or reads the message, according to research by Zimperium's Joshua Drake.

"The targets for this kind of attack can be anyone," the cyber security firm said, referring to Stagefright as the worst Android flaw discovered to date.

"These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited."

Malicious code executed by hackers could take control of smartphones and plunder contents without owners knowing.

Stagefright imperils some 95 percent, or an estimated 950 million, of Android phones, according to the security firm.

Zimperium said that it reported the problem to Google and provided the California Internet firm with patches to prevent breaches.

"Google acted promptly and applied the patches to internal code branches within 48 hours, but unfortunately that's only the beginning of what will be a very lengthy process of update deployment," Zimperium said.

It did not appear as though hackers had taken advantage of the Stagefright vulnerability, according to Zimperium.

Updating Android software powering mobile devices is controlled by hardware makers and sometimes telecommunication service carriers, not Google.

While Apple controls the hardware and software in iPhones, iPads, and iPods powered by its mobile operating system, Google makes Android available free to device makers who customize the code and update it as they see fit.

More about Drake's research was to be disclosed at a Black Hat computer security conference taking place in Las Vegas early in August.

For the latest on national news, politics, sport, entertainment and more follow us on Twitter and like our Facebook page!



Read News24’s Comments Policy

Comment on this story
Comments have been closed for this article.

Read more from our Users

Submitted by
William Korir
CORD to stop Jubilee efforts to r...

The CORD Coalition will not allow plans to remove Kenya from the Rome Statutes take place, it has said. Read more...

Submitted by
William Korir
How long will it take Kenya to le...

Kenya is looking to leave the ICC. But what is the process behind the exit? Read more...

Submitted by
William Korir
Jubilee resumes efforts to push K...

Kenya will this week resume efforts to leave the ICC court. Read more...

Submitted by
S Mbinya
How to treat him right

Men want to go home to a woman who makes them feel loved and appreciated. Here's how to make him feel special here: Read more...

Submitted by
S Mbinya
Kenyans demand action after femal...

This comes a few days after a female passenger was drugged and then robbed in a matatu plying the Kenyatta – Kencom route. Read more...

Submitted by
S Mbinya
Natural aphrodisiacs to boost lib...

It is advisable to take them before sex in order to achieve maximum benefit. Read more...