Android users have been warned that a major security flaw, nicknamed Stagefright, allows hackers to access smartphones simply by sending a malicious text message.
The flaw is thought to affect the vast majority of Android users and means hackers can read messages, look at private photos or even spy on users through a smartphone's camera and microphone.
According to Joshua Drake, the researcher who found the flaw, hackers can exploit the vulnerability to take control of almost any Android phone simply by sending an infected video via MMS (multimedia messaging service).
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Users cannot even defend themselves by filtering out suspicious messages because the way Google pre-processes videos to make them quicker to view means that the bug will infect a phone "before the sound that you've received a message has even occurred," Drake said in an interview with NPR.
So far, there is no known solution for the problem, but security analysts say that Google is likely to be working on a fix that can be distributed as soon as possible, The Guardian reports.
Chris Wysopal, the chief information security officer for mobile security service Veracode said that "it will be very interesting to see how Google responds to this. They'll have to drive the patch quickly and in a manner that impacts every affected device at the same time. Waiting for handset manufacturers or carriers to issue a patch would be problematic since it could take a month or more.
"This would leave a big window for an attacker to reverse engineer the first patch issued by whichever party to create an exploit that would impact any device. We're likely to see Google force down a tool that addresses the vulnerability for everyone."
Fortune's Robert Hackett advises that the only thing users can do to try to protect themselves is to change the settings for apps that use MMS, such as Messages and Hangouts. " Un-click 'automatically retrieve MMS messages'," Hacket says. "In the meantime, consider using Snapchat or WhatsApp to swap clips, GIFs, and whatnot."
Video: 950 million Android phone vulnerable
[[{"type":"media","view_mode":"content_original","fid":"83498","attributes":{"class":"media-image"}}]]
-
5 cracking cartoons about the new Cracker Barrel logoCartoons Artists take on MAGA designs, real issues, and more
-
Should you downsize for retirement? Here's what to consider.The Explainer Moving to a smaller place may seem easier, but there are also some real benefits to staying put
-
What to do if you want to move but don't want to give up your low mortgage ratethe explainer 30-year mortgage rates are currently averaging 7% — and homeowners who secured rates closer to 3% during the pandemic are reluctant to sell their homes
-
Is AI killing the internet?Talking Point AI-powered browsers and search engines are threatening the death of the open web
-
Unreal: A quantum leap in AI videoFeature Google's new Veo 3 is making it harder to distinguish between real videos and AI-generated ones
-
Google's new AI Mode feature hints at the next era of searchIn the Spotlight The search giant is going all in on AI, much to the chagrin of the rest of the web
-
Is Apple breaking up with Google?Today's Big Question Google is the default search engine in the Safari browser. The emergence of artificial intelligence could change that.
-
Google ruled a monopoly over ad tech dominanceSpeed Read Attorney General Pam Bondi hailed the ruling as a 'landmark victory in the ongoing fight to stop Google from monopolizing the digital public square'
-
Is 'AI slop' breaking the internet?In The Spotlight 'Low-quality, inauthentic, or inaccurate' content is taking over social media and distorting search engine results
-
'Mind-boggling': how big a breakthrough is Google's latest quantum computing success?Today's Big Question Questions remain over when and how quantum computing can have real-world applications
-
DOJ seeks breakup of Google, ChromeSpeed Read The Justice Department aims to force Google to sell off Chrome and make other changes to rectify its illegal search monopoly
