Receiving MMS on Android phones can seriously harm it; Hackers exploiting Android bugs?
Is Android phone secure?
The answer to that could be both ‘yes’ and ‘no’, while the security companies keep getting better every day at offering slew of security products for Android phones, some researchers with Zimperium have discovered code vulnerabilities in Android OS that could affect 95% of Android phones, i.e., 950 million Android devices globally. All that a hacker has to do is send an MMS message to any user.
The details of the android bug were released by the company during the Black Hat USA 2015 held in Las Vegas.
So, will I be affected by the Android MMS Vulnerability?
The vulnerability affects Android-based devices 2.2 version onward. It is fairly easy to get affected by a malicious code. All that a hacker has to do is insert exploiting codes in an MMS message and send it to users. The users may not even notice or see anything like a notification or a message beeping, since the Android vulnerability allows the hacker to modify the device’s behavior.
Once the MMS is sent to a device successfully, the hacker gets an easy pass with heightened privileges, especially to access audio and camera features.
What will Android MMS do to my phone?
Since the vulnerability allows access to audio and camera, the hacker could spy on the user by listening to conversations and view surroundings through the camera and track a user’s movements. At worst, the hacker will be able to take complete control of the device. While the whole internet goes gaga over the Android MMS fiasco, some experts have said that it may not all be that easy to exploit the vulnerability.
How can I fix Android MMS vulnerability?
The company that found the Android bug had already reported the issue to Google and recommended patches were submitted. However, to install the patches, it would require a user to install the update OTA. This puts those users who don’t update their devices regularly or keep their phones connected to Wi-Fi at risk. Moreover, a user has to accept the firmware update manually. This puts a lot of Android phones still at risk even though the patch has been released.
Until now, Google has reported that there is no known reported incident of a device being compromised by this bug. This may be true but given the fact that many would not even be aware if their device gets compromised, it is difficult to know whether devices have been affected by MMS bug or not. But for now, it is better to keep the phone updated to the latest version of the firmware and install other necessary app updates.