If you want information about the Stagefright exploit, we’ve prepared everything you need to know in five easy steps. There’s no need to worry as long as you stay in the know, and your device will be fine as long as you’re aware of how your device could potentially be hacked.
It’s nothing to get too worked up about, but it’s always best to stay aware of any potential exploits.
If you’re worried about malware we have a list of the best anti-malware apps available on Android, while you can also check out our review of Lookout if you need an antivirus app.
What is Stagefright?
Put simply, Stagefright is a bug that exposes vulnerabilities in the Android OS.
It originally made the news in 2015, when it became apparent that there was a problem with the MMS service on Android that could potentially lead to problems in the future. Any firmware up to 5.1 was said to be susceptible, and it also affected messages sent via Google Hangouts.
Google began work on patching the exploit as soon as the news broke, and most devices should now be secure. If you’re worried about your device, there are a few things you can do to check if your device is still under threat.
How can I protect my Android device from Stagefright vulnerability?
In most cases, the Stagefright vulnerability is basically a software bug that allows remote execution of arbitrary code. Once the victim’sm device is affected, the malicious code can run unnoticed even without opening a malicious media file.
NOTE: – Affected Android versions: Android 2.2 (Froyo) and newer, including 5.1.1.
To prevent the bug from affecting your Android device, here’s what you can do to protect yourself from the bug:
Step 1: Detect Stagefright Vulnerability with Stagefright Detector App
Stagefright Detector is an app released by Zimperium, a mobile security company based in the United States, the first to discover the exploit. They’re a cybersecurity firm so it’s safe to download the application to your device, and they won’t collect any of your personal information.
The app won’t be able to tell you if your device is infected, but it will be able to tell if your device could be vulnerable to the exploit.
Zimperium zLabs developed and designed this app to simply validate and ensure that you are running a version that is not vulnerable to Stagefright vulnerabilities. Furthermore, this app can help you to understand if your device is vulnerable or not.
Step 2: Disable MMS Auto-Retrieve
One of the best preventive measures that anyone can do to ensure that their Android devices are Stagefright protected is by disabling MMS Auto-Retrieve option. If you use Google Hangouts, it is also recommended to do the same for this app.
By disabling your Android smartphones MMS Auto-Retrieve option, you’ll have to tap your messages to download them instead of it being automatically downloaded and opened.
Aside from that, there’s not much else you can do. It’s a bit of a hassle to download your messages, but it’s the safest way to make sure your phone isn’t compromised if you’re running outdated firmware.
How to Disable MMS Auto-Retrieve
- Proceed to your device message settings.
- Look for MMS option and disable the auto retrieve.
Stagefright 2.0 – The Second Coming of Stagefright
What’s worse is the news that up to a billion Android smartphones could potentially be vulnerable to the latest exploit found by the Zimperium team, Stagefright 2.0. However, it is in their best interests as a cybersecurity firm to talk up the threat as much as possible.
This time, the vulnerability was found in the processing of metadata within hacked MP3 and MP4 files, which could give hackers access to your information if you accidentally clicked on a dodgy URL, or via a public Wi-Fi network.
Should You Be Worried About the New Exploit?
Should you be worried about the exploit? The honest answer is, probably not at the moment. Google will work quickly to fix any issues, and there were no confirmed cases of the exploits being used by hackers before they were found by Zimperium. As long as you stay aware, it’s highly unlikely that you will be hacked or have your personal information stolen.
It’ll probably only affect older devices that aren’t running the latest OS, so if your phone falls into that category be aware when you download any media from online resources or websites that you haven’t used in the past.
You should know have a working knowledge of the basics of the Stagefright exploits, as well as how hackers could try to steal your information.
Dodgy websites and videos should always be viewed with caution, but after the news of this exploit try to be especially aware while you’re using a shared Wi-Fi network, and update your device whenever you can.
If we’ve missed another way to tell if your device can be hacked, or you have any questions about Stagefright or hacking in general, let us know in the comments below.