Stagefright it’s here again. Actually it never really disappeared. Now the Stagefright bug has new targets and the updates that Google and other brands released to their devices are now useless against this new attack method. Users are being targeted with faked audio files that exploit the multimedia preview function in Android to gain access to sensitive areas of a user’s devices.
The company that found this new Stagefright bug was Zimperium Security, which isn’t covered by the two rounds of security patches released since July.
The audio files are sent in an mp3 or mp4 file that is encoded with a malicious program and can compromise the Android file system and its security. What’s even more concern it’s that the hackers can use a public Wi-Fi hotspot to infect devices by having them download a file or visit an infected site to infect their phone.
Google is working on fixing the Stagefright exploit in the core code of Android that is distributed to OEMs. A security patch will be available in the October monthly security update that will roll out to Nexus phones on October 5th.
he security and confidentiality of the files in our devices are very important and a threat like this it’s worrying all the Android community. Let’s hope that other brands follow this example as well. T