/?pid=16094

Updated:06:28 PM EST Feb 07
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 Most Android phones can be hacked with a simple MMS - TechAmok

Most Android phones can be hacked with a simple MMS - [security]
04:02 PM EDT - Jul,27 2015 - post a comment

The vast majority of Android phones can be hacked by sending them a specially crafted multimedia message (MMS), a security researcher has found. The scary exploit, which only requires knowing the victim's phone number, was developed by Joshua Drake, vice president of platform research and exploitation at mobile security firm Zimperium. Drake found multiple vulnerabilities in a core Android component called Stagefright that's used to process, play and record multimedia files. Some of the flaws allow for remote code execution and can be triggered when receiving an MMS message, downloading a specially crafted video file through the browser or opening a Web page with embedded multimedia content. There are many potential attack vectors because whenever the Android OS receives media content from any source it will run it through this framework, Drake said. The library is not used just for media playback, but also to automatically generate thumbnails or to extract metadata from video and audio files such as length, height, width, frame rate, channels and other similar information. This means that users don't necessarily have to execute malicious multimedia files in order for the vulnerabilities found by Drake to be exploited. The mere copying of such files on the file system is enough.

The researcher isn't sure how many applications rely on Stagefright, but he believes that just about any app that handles media files on Android uses the component in one way or another. The MMS attack vector is the scariest of all because it doesn't require any interaction from the user; the phone just needs to receive a malicious message. For example, the attacker could send the malicious MMS when the victim is sleeping and the phone's ringer is silenced, Drake said. After exploitation the message can be deleted, so the victim will never even know that his phone was hacked, he said. The researcher didn't just find the vulnerabilities, but actually created the necessary patches and shared them with Google in April and early May. The company took the issues very seriously and applied the patches to its internal Android code base within 48 hours, he said.


Add your comment (free registrationrequired)

Short overview of recent news articles

Feb,07 2026 Headphones with Noise Cancelling that Don't Stick in your Ear -
Feb,07 2026 Microsoft Just Killed Your Old Printer: Legacy Drivers Officially
Feb,06 2026 RenEngine Loader and HijackLoader Duo Infects Over 400,000 Gamers in
Feb,06 2026 EpsteIn Tool: Check If Your LinkedIn Contacts Appear in 3.5 Million
Feb,05 2026 Bitcoin's $64,000 Reality vs. $87K+ Production Costs Sparks
Feb,05 2026 Crypto Analyst Issues Urgent 'Final Warning' on XRP: Claims
Feb,04 2026 AI-Powered Breach: Hacker Claims AWS Kingdom in Under 10 Minutes
Feb,04 2026 Microsoft Axes Standalone SharePoint and OneDrive Plans in Push to
Feb,04 2026 Nvidia's $100 billion OpenAI deal has seemingly vanished
Feb,04 2026 The Best 14" Gaming Laptops Right Now
Feb,04 2026 The Solution to the RAM Crisis is... DDR4???
Feb,03 2026 Google Meet can now join Microsoft Teams calls
Feb,03 2026 The Devil Wears Prada 2 - Official Trailer (2026) Meryl Streep, Anne
Feb,02 2026 *EPSTEIN HAD THE SEC SUE RIPPLE/XRP - HOLY SH*T | Gensler Worked For
Feb,02 2026 Mozilla Firefox is making it super easy to turn off its generative
Feb,01 2026 Windows 11 quietly gets a new security feature to protect system
Feb,01 2026 WARNING: TRUMP & RIPPLE/XRP SECRET AGREEMENT AT DAVOS
Feb,01 2026 China's new RAM company, CXMT, is selling RAM at $138
Feb,01 2026 Windows keeps a permanent record of every USB device you've ever
Feb,01 2026 Intel Is BACK - Panther Lake Changes Everything
Jan,31 2026 NVIDIA Releases GeForce Security Update Driver 582.28 for Legacy
Jan,31 2026 AMD 'Zen 6' CCD Packs 12 Cores, 48 MB L3 Cache
Jan,31 2026 Microsoft Set to Disable Legacy NTLM Authentication by Default in
Jan,30 2026 NVIDIA GeForce 591.86 WHQL Driver
Jan,30 2026 iOS 26.3-Important New iPhone Location Privacy Feature Coming Soon
Jan,29 2026 I Made the Ultimate Steam Machine Before Valve
Jan,29 2026 Wardriver - Official Trailer (2026) Dane DeHaan, Sasha Calle,
Jan,28 2026 Apple Intros Improved AirTag
Jan,28 2026 US Version of TikTok off to Bumpy Start; Competitors Surge
Jan,28 2026 Google Chrome no longer needs you, as Gemini takes the driving seat
Jan,27 2026 Premium Subscriptions Coming to Facebook, Instagram, WhatsApp
Jan,25 2026 Windows 11 Best For Gaming? Windows 11 25H2 vs. Windows 10
Jan,24 2026 Microsoft Says Uninstall This Windows Update Immediately (KB5077744
Jan,22 2026 Xbox Developer Direct Livestream 2026 | Fable, Forza Horizon 6,
Jan,22 2026 Iridium Begins Testing its own Satellite Service for Phones
Jan,22 2026 AMD Releases Adrenalin Edition 26.1.1 WHQL Drivers
Jan,18 2026 AI in 2050
Jan,17 2026 iOS 26.2 Fixes Major Security Flaws
Jan,17 2026 Google Links its AI to Your Gmail and Photos for "Personal
Jan,17 2026 Fastest Koenigsegg v Fastest Bugatti: DRAG RACE
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs