Skip to main content

Stagefright Variant ‘Metaphor’ Puts Millions Of Samsung, LG and HTC Phones At Risk

posted onMarch 18, 2016
by l33tdawg

Millions of Android users are at risk of a new Metaphor exploit that can take over Samsung, LG and HTC phones in under 20 seconds. The hack gives attackers access to the targeted phones including the ability to inject malware and take control over key smartphone functions.

Discovered by Israeli-based security firm NorthBit, the vulnerability is yet another flaw tied to the maligned Stagefright vulnerability in Android. Affected phones are Nexus 5, LG G3, HTC One and Samsung Galaxy S5 handsets. NorthBit also claims phones running Android 2.2, 4.0, 5.0 and 5.1 are also at risk to Metaphor.

Metaphor works by sending a message to the victim containing a link to a website hosting a video. Victims attempting to load the video experience a crashing of the video player, according to NorthBit researchers. As the video player crashes and restarts, data regarding the smartphone’s hardware and software are transmitted to an attacker who can check for the presence of the vulnerability. Next, a new video is sent to the phone along with malware that is exploited within the phone’s mobile browser that gives attackers control over the phone.




You May Also Like

Recent News

Friday, January 19th

Thursday, January 18th

Monday, January 15th

Friday, January 12th

Thursday, January 11th

Wednesday, January 10th