275mn Android users could be hacked due to software bug, says Israeli company
A newly-discovered security glitch could leave up to 275 million Android devices at risk of being hacked, an Israeli software company has warned.
Northbit claims on its LinkedIn profile to have “a competitive edge”, “having recruited the most skilled team in software research from the Israeli Intelligence Corps”.
They reportedly found the ‘Metaphor’ glitch in Stagefright, Android’s mediaserver and multimedia library, which has been open to a number of previous exploits.
As can be seen in Northbit’s video below, and detailed in its research paper, a phone user running the Google-owned software would have to click an infected link directing them to a website, which would then allow the virus to be installed on the phone, giving the hacker the ability to control the device remotely
The hack involves bypassing a device’s “address space layout randomization” (ASLR), or for those of us who have no idea what that means, it’s a kind of memory protection process and can take anywhere between a few seconds to two minutes to complete.
“Our research managed to get it [the attack] to the level of production grade, meaning that everyone – both the bad guys and good guys, or governments – could use our research in order to facilitate it in the wild,” said Northbit’s co-founder Gil Dabah, aka Arkon.