How to hack using Stagefright Bug

hacked using the Stagefright bug

Earlier this year, news broke out about how millions of android devices were vulnerable to a technical glitch in the software of the platform. A vulnerability called Stagefright was made public to the people. Stagefright is Android’s native media playback library and used to play all the media files on your device.

However, a serious flaw in the library could allow an attacker to gain access to many privileged permissions by exploiting Stagefright. The permissions granted to Stagefright make its exploitation a big concern for Android users. People were really shocked to know that their devices could be hacked so easily.

hacked using the Stagefright bug
Source (WP:NFCC#4)

There are a few ways to hack an Android device using the Stagefright vulnerability. We look at them here:

Sending an MMS

This was the first and most common way of taking advantage of Stagefright. Most Android devices have the feature of auto-downloading an MMS that they receive. This MMS could have a media file that attacks the phone using Stagefright. Since Stagefright is used to play all media on Android devices, it can be misused by an attacker. On successfully exploiting it, the hacker can have privileged access to your device as he has all the permissions that Stagefright has, which is just one level short of root access.

Since Stagefright is used to play all media on Android devices, it can be misused by an attacker. On successfully exploiting it, the hacker can have privileged access to your device as he has all the permissions that Stagefright has, which is just one level short of root access.

Malicious App

Although sending an MMS is the easiest method to exploit Android’s Stagefright issue, it requires one to have the phone number of the victim. That fact made bulk attacks using MMS a tough task as the attacker would need to have a huge list of phone numbers to send the multimedia message to.

However, there is another method that does not require knowing the phone number of the victim. Attackers can use an app which contains the malicious multimedia file for exploiting Stagefright. If a user downloads this app then the multimedia file would play and the hacker would get access to the user’s device.

The PID of the media server playing the malformed media file changes, indicating that the media server has crashed and self-restarted. This self-restarting gives access to the hacker.

Webpage

As with using a malicious app, a webpage, too, could be the site of hosting a malformed media file. Whenever the user opens the webpage the media file would auto-play and attack the device in a similar fashion as the malicious app would. Both these systems require some user interaction in that a user should either use the malicious app created by the hacker or go to the webpage hosting the malformed media file.

Although this is not the case with hacking via MMS, it does have the benefit of the hacker being able to attack millions of users without needing to have their phone numbers. Using a malicious app or a webpage hosting such a media file, hackers could not only hack and steal the data from millions of Android users but also build a botnet network of Android devices hacked using the Stagefright bug.

Conclusion

Stagefright bug is a serious issue for Android developers. It makes hacking an Android user’s phone rather simple and the extent of the possible damage is nerve-rattling to say the least. Things were not helped with Android’s policy of not allowing anti-virus and anti-malware apps the necessary access privileges to handle the Stagefright bug.

Although Android has released patches and security fixes for many devices, there is still a large proportion of Android users whose devices are at the mercy of attackers. The methods discussed above can be used to hack a user’s device using the Stagefright bug.

Anonymous

Anonymous

I am the self-proclaimed tech geek, writer, and blogger. Specializes in writing guides, analyzing and renewing new spy gadgets and apps.

1 Comment

Leave a Response

share on: