Experts Found a Unicorn in the Heart of Android

Gaining remote code execution privileges merely by having access to the mobile number? Enter Stagefright.

The targets for this kind of attack can be anyone from Prime ministers, govt. officials, company executives, security officers to IT managers. 

Built on tens of gigabytes of source code from the Android Open Source Project (AOSP), the leading smartphone operating system carries a scary code in its heart. Named Stagefright, it is a media library that processes several popular media formats. Since media processing is often time-sensitive, the library is implemented in native code (C++) that is more prone to memory corruption than memory-safe languages like Java. Continue reading “Experts Found a Unicorn in the Heart of Android” →