Around August this year, we reported about a malware called Stagefright. This malware attacked Android devices merely through a malicious text message or MMS. The tech space panicked, Google alongside other manufacturers rushed to provide security patches to fix the bug. Same virus has struck again in another form.
Stagefright 2.0 as it’s called poses a set of two vulnerabilities that manifests when processing specially crafted MP3 audio or MP4 video files. While your devices processes these corrupted files, certain arbitrary codes can be executed. This malware sits in the metadata within the files, so simply previewing the song or video would trigger the issue.
The attack through SMS/MMS and Hangouts has been patched on some devices, but this time, you might be hit via a Web browser. This might happen by an attacker luring one to a malicious website, or by installing 3rd party apps e.g Media Players, Instant Messengers, etc. that are using the vulnerable library. The severity of the attacks vary according to your devices’ Android version.
You can install the Stagefright detector app to know if your device is vulnerable. Do not panic 😆 You’ll be fine.