New Stagefright exploit: Metaphor

Discussion in 'Tech News' started by PereDroid, Mar 17, 2016.

  1. PereDroid

    PereDroid DF News Team Reporter


    A research company in Israel has discovered a new and, more importantly, reliable way to use the Google Stagefright bug to hack your phone. They are calling it "Metaphor." Unlike the previous vulnerability, which was triggered by a video in an MMS message, this one can be triggered simply by visiting a web page. They even released a paper explaining in detail what you need to do to create this exploit.

    There is some good news: if you are on Marshmallow 6.0+ you are not vulnerable to this. Also, if your manufacturer released an official Stagefright patch from the first vulnerability, you are also safe. The other 95% of you? Be careful out there!

    Edit: Google has not confirmed what I edited out.

    Source: The Register
     
    #1 PereDroid, Mar 17, 2016
    Last edited: Mar 17, 2016
    • Like x 2
  2. DesktopDevin

    DesktopDevin Active Member

    Gotta call bull hockey on the 6.0 is protected. Had to wipe my phone yesterday after a banner ad started slamming me with pop-ups in Chrome claiming I had won a prize from Amazon, with links to "claim my prize." I captured the links it was wanting me to click on, along with screenshots, and forwarded it to Amazon. I won't post the link, but here are the screenshots.
     


  3. Jonny Kansas

    Jonny Kansas Administrator
    Staff Member Rescue Squad

    There's a difference between these advertising popups and the Stagefright (or Metaphor) exploit. One might lead to another, but seeing popups doesn't mean you're not protected from this exploit if you're running the proper software.
     
    • Agree x 1
  4. PereDroid

    PereDroid DF News Team Reporter

    Yeah, that's just something you got from a sketchy website. You could have fixed that easier than doing a full-on FDR. If you were "Metaphor'd" you probably wouldn't even know it right away. It sounds to me that Metaphor would be more likely to be used to spy on what you do on your phone... not serve pop-ups.
     
    • Agree x 2
  5. Mustang02

    Mustang02 Diamond Member

    "Android devices with a security patch level of October 1, 2015 or greater are protected because of a fix we released for this issue (CVE-2015-3864) last year. As always, we appreciate the security community's research efforts as they help further secure the Android ecosystem for everyone."
     
    • Like x 2
  6. Mustang02

    Mustang02 Diamond Member

    Non-issue.
     
    • Like x 1
  7. DesktopDevin

    DesktopDevin Active Member

    If you want to call CareerBuilder "sketchy" then fine by me.

    I have seen banner ads infect machines from all walks of websites due to the fact that the website is not sketchy but the salesperson that sells the ad space is so desperate for ad money that they don't check the content of the ads that are running in their available space.

    And to me, doing a full wipe is no big deal, as any major files or info is backed up in offline storage and can be restored in a very short time. I would much rather take the time to do a full wipe and know that I am secure after a compromise, and yes, runaway popups that come up even after force closing Chrome and rebooting I would consider a compromise of my system.

    Yeah, it's not Metaphor, but it is something I definitely don't want hanging around.

    A clean phone is a happy phone! :cool: