StageFright Exploit Awareness: What You Need to Know


Do you think sending and receiving video text messages is risk-free? Believe it or not, getting infected this way is now as easy as getting a common computer virus. There is a new exploit called ‘stagefright’ that is sent via video within a text message. The virus uses the Android process named ‘libStageFright’ (which is built into every Android device) to steal information. Android Central states, “the gist is that a video sent via MMS (text message) could be theoretically used as an avenue of attack through the libStageFright mechanism (thus the “Stagefright” name), which helps Android process video files. Many text messaging apps — Google’s Hangouts app was specifically mentioned — automatically process that video so it’s ready for viewing as soon as you open the message, and so the attack theoretically could happen without you even knowing it.”

Since it exploits a function on the device, a high number of Android devices are vulnerable, but for the most part there is a built-in defense on about 95 percent of all devices, as long as they are using Android version 4.0 or higher. This protection is called ‘Address Space Layout Randomization’ (ASLR); it makes software store its data at different memory locations each time, so an attacker cannot rely on finding data in the same place. This is not a perfect fix, but it does help.
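To see what ASLR changes in practice, the following added example (not part of the original post) compares two constructed `/proc/<pid>/maps` captures of the same program and reports which mappings moved between runs. The sample addresses, the choice of `/system/bin/mediaserver` as the host process, and the function names are assumptions made for illustration.

```python
import re

# One line of /proc/<pid>/maps: "start-end perms offset dev inode path"
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-[0-9a-f]+\s+\S+\s+[0-9a-f]+\s+\S+\s+\d+\s+(\S.*)$"
)

# Constructed captures from two launches of the same process (not real data).
RUN_A = """
00008000-0000a000 r-xp 00000000 b3:02 301  /system/bin/mediaserver
40a1c000-40b0f000 r-xp 00000000 b3:02 812  /system/lib/libstagefright.so
40b0f000-40b15000 rw-p 000f3000 b3:02 812  /system/lib/libstagefright.so
40c00000-40c04000 rw-p 00000000 00:00 0
be8f1000-be912000 rw-p 00000000 00:00 0    [stack]
"""
RUN_B = """
00008000-0000a000 r-xp 00000000 b3:02 301  /system/bin/mediaserver
4163e000-41731000 r-xp 00000000 b3:02 812  /system/lib/libstagefright.so
41731000-41737000 rw-p 000f3000 b3:02 812  /system/lib/libstagefright.so
41900000-41904000 rw-p 00000000 00:00 0
bed3a000-bed5b000 rw-p 00000000 00:00 0    [stack]
"""

def base_addresses(maps_text):
    """Return {name: lowest start address} for every named mapping."""
    bases = {}
    for line in maps_text.strip().splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue  # unnamed (anonymous) mapping or malformed line
        start, name = int(m.group(1), 16), m.group(2)
        bases[name] = min(start, bases.get(name, start))
    return bases

def compare_runs(first, second):
    """Label each mapping present in both captures as randomized or fixed."""
    a, b = base_addresses(first), base_addresses(second)
    return {
        name: "randomized" if a[name] != b[name] else "fixed"
        for name in sorted(a.keys() & b.keys())
    }

if __name__ == "__main__":
    for name, verdict in compare_runs(RUN_A, RUN_B).items():
        print(f"{verdict:10}  {name}")
```

A mapping reported as `fixed` sits at the same address on every launch, which is the kind of gap that keeps ASLR from being a perfect fix.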

Some good news is that this was not discovered by hackers, so many are not exploiting it. Many large cell phone providers, such as HTC, Motorola, and Google, are working to release patches and updates to fix this vulnerability. There are also a few free detector apps available on Google Play that help detect vulnerabilities. You can install the StageFright Detector App here.

If you have any questions about virus vulnerabilities, give Everon a call at 888-244-1748. We’re happy to help!

Will Ransomware Cell Phone Attacks Reach the U.S.? (And what to do if you get infected)


Two weeks ago they hit iPhone users in Australia and New Zealand. This week the reports came in that they’d hit Android users in Eastern Europe, specifically Ukraine. We’re watching, waiting to see if-and-when one of them will hit Western Europe and the U.S. — Oleg Pliss and his kin, Simplocker. They’re not people; they are a new round of cell phone viruses, and the difference is that they’re ransomware. Pay them money, or they threaten to hold your contacts, pictures, or even your whole cell phone hostage.

Sound familiar?

No, viruses for cell phones aren’t new. In fact, there’s a whole slew of mobile device virus protection software (Lookout, AVG, Avast, etc.). Trouble is, ransomware is notorious for getting around anti-virus protection.

Early reports indicate that, at least in the case of Ukraine’s Android virus, Simplocker, the level of encryption isn’t as complex as Cryptolocker. That doesn’t make it any less annoying, though. And according to some reports it does no good to try to pay Oleg’s ransom because the payment is linked to a PayPal account that doesn’t exist.

So, being a bit freaked out about this (even though my phone is a Windows platform, which hasn’t yet been affected), I asked my guys, the techs here at Everon, what I should do if my phone were hit by ransomware.

“The best thing you can do is to just wipe your phone,” Jeff Woods, one of our experienced L2s, said.

“And then reload all of your info from your backup,” Frank Lindsey, the L1 Supervisor added.

Um, okaaaay…? I felt like a kindergartener in college. Wipe my phone? And… is it automatically backed up? How do I do that if it’s not?

“Well,” Frank said, “if your cell phone is registered with us, at Everon, you could call and we can do a factory wipe for you. Or most cell phone providers can also do that, if you just call Sprint, AT&T, Verizon, or whomever.”

“Alternately,” James Schaffer, another of our L2s, said, “you could perform your own wipe in your phone’s settings.”

I checked my phone’s settings and couldn’t find where to do this. James told me to go to “Settings” –> “About,” and then click the button that says “Reset Your Phone.” (Of course, this only works if your phone isn’t locked by a virus.)

As far as doing backups, it turns out most phones do have automatic backup features. But iPhones, for instance, have to be plugged into your computer to perform their backups – something many iPhone users never do (they only charge the battery). And then there are the settings on the backup. If you’ve only told it to back up your contacts, you run the risk of losing any pictures you haven’t manually saved. (Or already posted to Facebook.)

There are programs you can use to do your auto-backups, too. Google Drive will automatically back up your mobile data. Dropbox, Picasa, Facebook, and Google+ are other sites that will also perform auto-backups on your data and/or photos if you adjust their settings correctly. (Ah, more settings. Good thing I have tech support here!)

So if your mobile data is all backed up, and you do get infected with something evil that needs last-resort measures, like ransomware, all you have to do is wipe and restore. (One site I found estimated this process would take no more than an hour.) Easy-peasy. If you’ve backed up your data.

Sometimes the best defense is just the ability to recover.
