Trending Now

New 'Metaphor' Android virus can hack all android smartphones within seconds

A newly-discovered security glitch could leave up to 275 million Android devices at risk of being hacked, an Israeli software company has warned.
They reportedly found the 'Metaphor' glitch in Stagefright, Android’s mediaserver and multimedia library, which has been open to a number of previous exploits.
As can be seen in Northbit’s video below, and detailed in its research paper, a phone user running the Google-owned software would have to click an infected link directing them to a website, which would then allow the virus to be installed on the phone, giving the hacker the ability to control the device remotely.
The exploit also bypasses address space layout randomization (ASLR) on Android Lollipop versions 5.0 and 5.1.
Touted as the bug the 'worst Android vulnerabilities discovered to date,' the problem is heightened as it is up to the Android vendors to push forth Google's patches.
All that a potential attacker needs to do is lure the victim to a crafted page containing a malicious MPEG-4 multimedia file. This leads to a crashing of the Android's media servers and resets it. Following this, malicious JavaScript hosted on the Web page forwards device data to the cyberattacker's server.
Google has said that devices running the October 1, 2015 security update level or greater are protected against the bug and so are newer devices running Android Marshmallow. While the latest Android Marshmallow also comes patched against the bug, older versions are still at risk.
Devices running Android 2.2 to 4.0, as well as 5.0 and 5.1, are most susceptible, with Nexus 5 devices, the HTC One, LG G3, and Samsung S5 all successfully hacked by Northbit.
The company estimates, however, that around 275 million devices are open to being hacked in such a way as they either lack ASLR or can be breached with this newly-discovered method.
In 2015, there were two separate bugs discovered in Stagefright, leaving a billion devices open to exploitation when users tried to preview a song or video online.