Results for stagefright

Threat Research

CryptoGirl on StageFright: A Detailed Explanation

Update Aug 28, 2015: Typos in the final table: CVE-2015-3864 does not concern covr but tx3g. CVE-2015-3828 does not occur for yrrc. Detecting the PoCs published by Zimperium is not difficult: you can fingerprint the PoCs, for example. Detecting variants of the PoCs, i.e., MP4s that use one of the discovered vulnerabilities, is far more difficult. I'll explain why in a moment. First, apart from here (in Chinese), there hasn't been so much in the way of technical details. Getting into the guts of StageFright...

By Axelle Apvrille August 25, 2015

Threat Research

StageFright, Telegram Stage-Left & WhatsApp Stage-Right

You've heard about StageFright, right? Where a malicious MMS compromises an Android handset by exploiting vulnerabilities on the phone's mediaserver. Are you aware that StageFright is not an MMS issue, but an issue with anything that will try to open a malicious MP4? If not, you are now, and I hope I am about to convince you even more thouroughly below... Telegram Yes, for instance, StageFright occurs with Telegram. The only (fortunate) difference is that Telegram does not preview the MP4, so it will only crash if you open the video...

By Axelle Apvrille August 14, 2015

Industry Trends

I've Got 99 Problems and Quite a Few of Them Are Android

Until relatively recently, mobile malware wasn't that different from early PC malware - It was annoying, it probably invaded your privacy, and it took a toll on system resources but it wasn't especially dangerous or costly in the way that modern weaponized malware used to attack PCs, servers, and point-of-sale systems was. And just as early malware primarily targeted a single OS (Windows), mobile malware remains almost exclusively a problem for Android. However, it appears that Stagefright has served as something of a wakeup call for the...

By Chris Dawson August 12, 2015