Stagefright 2.0 Hack Threatens 1 Billion Android Users: Here’s What You Should Know

Source: AP
Source: AP

An Android device virus called Stagefright 2.0 is threatening over 1 billion smartphones, tech security company Zimperium Mobile Security reported Thursday. Experts indicate that hackers will be able to access users' private data and even control the phone once infected. The upgraded bug comes in the form of an MP3 or MP4 media file that can immediately attack a phone after the MP3 file is played.

Zimperium has been tracking the vulnerability since it was discovered in April. It has now reported the bug has taken on a new form when inside audio and video files. Android updated its devices with security measures and patches after the first Stagefright virus, which infected users in the form of an MMS message, but that technology won't protect devices from getting hit with the latest version, according to the Mirror.

According to Zimperium Security, hackers can access any aspect of a user's phone infected with Stagefright 2.0. Their company blog states: "The vulnerability lies in the processing of metadata within the files, so merely previewing the song or video would trigger the issue. Since the primary attack vector of MMS has been removed in newer versions of Google's Hangouts and Messenger apps, the likely attack vector would be via the Web browser."

How it works: According to Zimperium, the virus initially will attack an Android user after he or she clicks on an MP3 or MP4 file containing the bug. "An attacker would try to convince an unsuspecting user to visit a URL pointing at an attacker controlled website." A hacker can simply infect the device by lacing Stagefright 2.0 through an unencrypted network or any 3rd party apps. 

What's being done: Zimperium immediately notified Google, along with the Android Security Team, of the Stagefright 2.0 bug. Google has also included the virus in its Nexus Security Bulletin, scheduled for release next week. Zimperium writes, "As more and more researchers have explored various vulnerabilities that exist within the Stagefright library and associated libraries, we expect to see more vulnerabilities in the same area."

How likely are you to make Mic your go-to news source?

Chris Riotta

Chris Riotta is a culture reporter at Mic, covering news, music and entertainment. He is based in New York and can be reached at criotta@mic.com

MORE FROM

Dow Jones won’t talk about its reported pay gap problem

A study released by the union representing Dow Jones employees found evidence of a "significant pay gap between men and women" who had the same job title and level of experience.

Mom slams ACA repeal, shows what's at stake in a tweetstorm about son's health

This mom says that without the ACA, her son wouldn't get the medical care he desperately needs.

Theresa May announces pact with Northern Ireland's conservative DUP

10 of the DUP's MPs will vote alongside May's party in exchange for more than $1 billion of funds.

Supreme Court will hear case of baker who refused service to gay couples on religious grounds

The Supreme Court will take on the case of a bakery owner who refused to bake a cake for a gay couple.

'Hot Mic' podcast: Health care opposition, Trump on Russian meddling & Pakistan tanker explosion

The important stories to get you caught up for Monday morning.

Dozens missing after tourist boat carrying more than 160 passengers sinks in Colombia

At least six people are confirmed dead and dozens more unaccounted for.

Dow Jones won’t talk about its reported pay gap problem

A study released by the union representing Dow Jones employees found evidence of a "significant pay gap between men and women" who had the same job title and level of experience.

Mom slams ACA repeal, shows what's at stake in a tweetstorm about son's health

This mom says that without the ACA, her son wouldn't get the medical care he desperately needs.

Theresa May announces pact with Northern Ireland's conservative DUP

10 of the DUP's MPs will vote alongside May's party in exchange for more than $1 billion of funds.

Supreme Court will hear case of baker who refused service to gay couples on religious grounds

The Supreme Court will take on the case of a bakery owner who refused to bake a cake for a gay couple.

'Hot Mic' podcast: Health care opposition, Trump on Russian meddling & Pakistan tanker explosion

The important stories to get you caught up for Monday morning.

Dozens missing after tourist boat carrying more than 160 passengers sinks in Colombia

At least six people are confirmed dead and dozens more unaccounted for.