Stagefright-based ‘Metaphor’ exploit can take control of your phone in just 15 seconds
The old Android malware beastie is at it again, with researchers uncovering a new Stagefright-based exploit that can be used to take control of your Samsung, LG or HTC phone in just 15 seconds. The working exploit has been dubbed “Metaphor” by the Israeli research team that discovered it.
When executed, Metaphor allows malware to be injected into a device that can access, copy and even delete data on the infected device. What’s worse is Metaphor can also be used to take control of the microphone and camera so hackers can spy on the owner and even track their location by turning on GPS. Take a look at the exploit in action below:
How does Metaphor work?
While this may sound like an obvious malware situation to some, having an app crash and restart is a pretty common occurrence, one that would be likely to sucker in millions of unsuspecting users if it fell into the wrong hands. Metaphor exploits the Stagefright vulnerability uncovered last year.
The technical paper on Metaphor from Northbit states the following:
The vulnerability is in media parsing, which means that the victim’s device doesn’t even need to play the media, just parse it.
Parsing is done in order to retrieve metadata such as video length, artist name, title, subtitles, comments, etc, so the intended victim doesn’t even have to play the media content on the infected page for the damage to be done. Although the researchers do note that the victim needs to linger on the page for the malware to do its thing. Hence the kittens in the video above.
While it is fortunate that Metaphor exists in researchers hands and not hackers’, the weakness it exploits is there for anyone that wants to use it. The research team have successfully run it on the Nexus 5, Galaxy S5, LG G3 and HTC One on Android versions 2.2 to 4.0, as well as on Android 5.0 and Android 5.1. Other Android versions are reportedly not vulnerable but you can bet that Google is already working on a patch for it.
You can read the technical paper here if you want to read up further.