275 Million Android Phones Exposed to New Hack, Security Firm Says - Polidicks

[media]https://www.youtube.com/watch?v=I507kD0zG6k[/media] [quote]If you use a phone with Android operating system, you should think twice before visiting any fishy-looking websites. Even if they promise just cute kitten videos. Some 275 million Android phones are vulnerable to an attack that uses infected online video files to spy on the devices, according to a research paper by cyber security firm NorthBit. The attack works on Android versions 2.2 •to 4.0 and 5.0 to 5.1, according to [url=http://thehackernews.com/2016/03/exploit-to-hack-android.html]thehackernews.com.[/url][/quote] [url]http://www.theepochtimes.com/n3/1998599-275-million-android-phones-exposed-to-new-hack-security-firm-says/[/url] [editline]21st March 2016[/editline] holy fuck what thread icon did i pick er, if a mod can, change that to a more appropriate icon please? thnx

What level of access does the attack gain access to? Could this possibly be used to root the device without a PC?

So they found a vulnerability that puts essentially no one at risk because you need to be targeting a specific device. And it looks like it could be an easy brute force to apply root levels. Still, I do not think this is as "big" as it sounds. [editline]Hilary is going to send you to the fema camps. Yes you[/editline] [QUOTE=DogGunn;49975711]What level of access does the attack gain access to? Could this possibly be used to root the device without a PC?[/QUOTE] This would be the difficult part of such of an attack. It would have to be extremely targeted to that device. Basically if you make your phone say a S5 report back it was a G3, it'll nullify the entire attack. That or brick you.

[QUOTE=Handsome Matt;49975767]you do know what useragents are right[/QUOTE] Yes I am. However they do contain identifiable information in there regarding what you're using. As for model/manufacturer of the phone, you'll be hard pressed to spoof the information without.

[quote]The attack works on Android versions 2.2 •to 4.0 and 5.0 to 5.1[/quote] good thing manufacturers are very good at keeping their users' phones up-to-date with the latest version of android

Haven't turn my phone on since last year. It waits in the darkness that is whatever pocket that i left it in.

[QUOTE]The attack works on Android versions 2.2 to[B] 4.0 [/B]and 5.0 to 5.1, according to thehackernews.com.[/QUOTE] So are you ok if you are on 4.4 kitkat?

[QUOTE=DogGunn;49975711]Could this possibly be used to root the device without a PC?[/QUOTE] I hope something like that comes out of this. That would be very useful.

Seems almost a requirement nowadays to spoof useragent on Android systems at the very least if you don't secure down your permissions.

[QUOTE=thelurker1234;49975779]good thing manufacturers are very good at keeping their users' phones up-to-date with the latest version of android[/QUOTE] Yeah hahahahahah Yikes :| sony pls help the m4 scrubs

Good thing I'm on 6.0.1

[QUOTE=LoneWolf_Recon;49976318]Seems almost a requirement nowadays to spoof useragent on Android systems at the very least if you don't secure down your permissions.[/QUOTE] I do that by default because all "mobile" versions of websites are godawful unless you're on a shitty gimped dataplan.

To 5.1? Does that include 5.1.1?