
Everything you need to know about Stagefright 2.0, Android’s newest security threat

The scare that the original Stagefright hack caused is back in a reboot called Stagefright 2.0. This new strain was discovered by Zimperium zLabs, the same folks who found the original vulnerability.

Unfortunately, the really bad news is that Stagefright 2.0 affects almost every Android device ever released. According to Google’s latest stats, that’s about 1.4 billion devices worldwide. Even worse, it doesn’t matter if your device received a patch for the original Stagefright hack because this is a completely new vulnerability.

What is Stagefright 2.0?

Stagefright 2.0 is very similar to the original: it relies on a media file containing malicious code that, once executed, gives a hacker control of your device. Stagefright 1.0 dealt with MP4 video files, but Stagefright 2.0 code can be executed from both MP4 video and MP3 audio files.

Just like the original, hackers would have access to all your data, and even be able to access the microphone and camera once the malicious code is executed.

The name Stagefright comes from Android's media playback engine of the same name. The vulnerability resides in this playback engine, and Stagefright 2.0 can take full advantage of it.

Stagefright 2.0 consists of two vulnerabilities. The first one resides in libutils and affects almost every Android device since 2008. The second one resides in libstagefright and can be used on devices running Android 5.0 and higher.

How it works

The hacker would need to get an MP3 audio or MP4 video containing the malicious code on your device. The process of merely previewing the song or video would set the malicious code in motion.

The original Stagefright hack involved sending an MMS message of the malicious video file that Google Hangouts or other third-party Messenger apps would receive and automatically download. Patches have been issued for a number of devices, but users who don’t have a patched phone also have the ability to defend themselves by setting their apps to not download such media files automatically.

Since hackers can no longer use Google Hangouts or other messenger apps, they have to use other methods to get a media file with Stagefright 2.0 code onto your device. One is the Web browser: the victim is duped into visiting a URL controlled by the attacker. An attacker could also use third-party apps that would automatically install and possibly play a malicious media file. Finally, an attacker on the same network could manipulate your device using common traffic interception techniques (MITM). This last method is the least likely.

What are Google and other manufacturers doing?

Zimperium notified the Android Security team on August 15, and Google will issue a fix for the first vulnerability (libutils) next week. This will be pushed to Nexus devices, and is likely going to be included in the Android 6.0 Marshmallow update. Google has assigned CVE-2015-6602 to this vulnerability.

Google has yet to assign a Common Vulnerabilities and Exposures (CVE) number to the second vulnerability (libstagefright), so it’s not clear when a patch will be issued.

Zimperium also sent an update to the company’s Zimperium Handset Alliance (ZHA), which includes most major Android manufacturers. This information can be used by manufacturers to patch existing and upcoming devices.

Unfortunately, it’s unlikely that older devices, especially those two years and older, will ever get the update. Manufacturers notoriously abandon older devices. While newer devices will likely receive the update, it will most likely be delayed due to carrier testing.

How can you defend yourself?

Unfortunately there isn’t much you can do at the moment, but we recommend the following:

  • Always download apps from Google Play or the Amazon App Store. Avoid other app stores, and do not sideload apps from untrusted sources.
  • Pay attention to the websites you’re visiting and don’t click on links in emails and text messages from people you’re not familiar with.
  • Download the Stagefright Detector app to find out if your device is affected. As of the time of this post, the app cannot detect Stagefright 2.0, but Zimperium will be updating it once Google issues its patch.

We will continue to update this post when Google and other manufacturers issue patches or if any new methods of defending yourself are discovered.

Robert Nazarian
Former Digital Trends Contributor