Are you, or your friends or relatives using an Android device?
If yes, please pay attention! During this time, you should be extra careful before accessing or playing any strange new videos that appear on your smartphone, especially videos downloaded from the Internet or received via strange emails.
Recently, cyber security experts from several reputable security groups have discovered the unusual presence of a strange video file, which looks relatively harmless, but can have terrible consequences. to the victim’s system.
- Your computer may be hacked after opening a document in LibreOffice
The vulnerability allows hackers to execute code remotely on a victim’s Android device
Specifically, this video file is designed to specifically target the destruction of your Android smartphone through a dangerous remote code execution flaw, which could allow hackers to execute custom code. intent on the victim’s system. According to unofficial statistics, this type of attack is nothing new but extremely effective, affecting more than 1 billion devices running the Android operating system worldwide, the most common of which is devices running on Android versions 7.0 to 9.0 (Nougat, Oreo or Pie).
This remote code execution flaw is currently being tracked with the identifier CVE-2019-2107, which appears in Android’s media framework. CVE-2019-2107, rated on a high risk level because if successfully exploited, this vulnerability could allow a remote attacker to execute arbitrary code on the targeted device without the user’s knowledge. or know before they can take countermeasures.
- Agent Smith is threatening 25 million Android devices
To gain full control over the target device, all the attacker needs to do is trick the user into opening a malicious video file sent to the device. This video file is also specially made with the original Android video player application.
Although Google released a small security patch earlier this month to address the vulnerability, it is clear that millions of Android devices still have no access to the latest security update, which should be provided by each manufacturer of the corresponding device, which leaves users with little or no information about the vulnerability continuing to risk being a victim of it. Google briefly described this vulnerability in the July Android security bulletin as follows:
“This critical flaw is related to Android’s media framework, so it could allow remote attackers to use specially crafted files to execute arbitrary code in the context of a privileged process.” .
- Even if access is denied, thousands of Android apps can still track you
This critical flaw is related to Android’s media framework
In a related move, renowned German Android application developer Marcin Kozlowski recently posted proof-of-concept (PoC) of a typical CVE-2019-2107 based attack on Github. , raising concerns that if Android device manufacturers do not soon send security patches to users, the number of victims of this vulnerability will increase significantly in the near future.
In Marcin Kozlowski’s PoC, the malicious file used was a HEVC encrypted video. Not only does it damage the media player, it can also help potential attackers develop new exploit plans to achieve the ultimate goal of complete control of the victim’s device.
However, it should be noted that if these malicious videos are sent to and received via some instant messaging apps like WhatsApp, Facebook Messenger or have been uploaded to a video streaming service like YouTube or Twitter … hackers will not be able to launch the attack. This is because the aforementioned services often compress videos and re-encode the entire media file, thereby making the malware embedded in the video completely “deformed”, unable to take effect.
- Many Android users find their phones installed with spyware after traveling to China
Avoid downloading as well as playing random video files from untrusted sources
In short, until you receive an additional security patch from the publisher, the best way to avoid becoming a victim and protect yourself from this attack is to avoid downloading and playing random video files. however, from untrusted sources, along with compliance with all basic security and privacy guidelines.
Lastly, don’t forget to update your mobile operating system as soon as the latest patch is delivered!