Monday, 3 August 2015

Andriod users - How to Protect yourself from Stagefright Exploit

If you have an Android device running versions Froyo 2.2 to Lollipop 5.1.1 then your device is at risk from the Stagefright exploit.


All the attacker needs is your phone number, and it works by them sending an MMS with a video payload.

Most Android messaging apps are set by default to auto-download MMS content, so unless you disable this feature in each messaging app (WhatsApp, Messenger, Google Hangouts, Messaging, etc), there is nothing that will prevent your device being infected.

Go through each app that has the potential to receive MMS Video content and disable the Auto-Download features of each.

Failing to do this will allow attackers to run remote code and ultimatley take over your phone, the data stored within and hardware features such as camear and Microphone!

If you use your mobile for work (email, etc), this could also put network account credentials at risk.


Even after disabling auto-download in these apps, you are still at risk, but you will need to tell your device to download the file, so be extra cautious at what you allow to download.

No comments:

Post a Comment