The malicious video file causes users to lose control of the device 'storming' in the Android world

Are you, or your friends, relatives using Android devices?

If yes, please pay attention! During this time, you should be more careful before accessing or playing any new strange videos that appear on your smartphone, especially videos downloaded from the Internet or received via strange email.

Recently, network security experts from several reputable security groups have discovered an unusual appearance of a strange video file, which looks relatively harmless, but can have terrible consequences. against the victim's system.

  1. Your computer can be hacked after opening a document in LibreOffice

The malicious video file causes users to lose control of the device 'storming' in the Android world Picture 1 The vulnerability allows hackers to execute code remotely on the victim's Android device

Specifically, this video file was designed to specifically target the destruction of your Android smartphone through a dangerous remote code execution vulnerability, which could allow hackers to execute custom code. comments on the victim's system. According to an unofficial statistics, this new but extremely effective attack has affected more than 1 billion devices running the Android operating system worldwide, the most popular of which is devices running on Android versions from 7.0 to 9.0 (Nougat, Oreo or Pie).

This remote code execution vulnerability is currently being tracked under the name CVE-2019-2107, appearing in the Android media framework. CVE-2019-2107, rated at a high risk level because if successfully exploited, this vulnerability could allow the remote attacker to execute arbitrary code on the targeted device that the user does not well know before they can make a response.

  1. Agent Smith code is threatening 25 million Android devices

To take full control of the target device, all the attacker needs to do is trick the user into opening a malicious video file sent to the device. This video file is also specially created with the original Android video player application.

Although Google has released a small security patch earlier this month to address the vulnerability, it is clear that millions of Android devices still cannot access the latest security update, which needs to be provided by each vendor of the device, which makes light or unknown users information about this vulnerability continue to risk becoming its victim. Google briefly described this vulnerability in the July security newsletter as follows:

"This critical vulnerability is related to Android's media framework, so it can allow remote attackers to use specially crafted files to execute arbitrary code in the context of a privileged process" .

  1. Even if denied access, thousands of Android applications can still track you

The malicious video file causes users to lose control of the device 'storming' in the Android world Picture 2 This serious vulnerability is related to Android's media framework

In a related move, the famous Android application developer Marcin Kozlowski recently published proof-of-concept (PoC) on a typical strike based on CVE-2019-2107 on Github , raising concerns about if Android device manufacturers will not soon send security patches to users, the number of victims of this vulnerability will increase significantly in the near future.

In Marcin Kozlowski's PoC, the malicious file used is a HEVC encoded video. Not only does it ruin the media player, it can also help potential attackers develop new exploits to achieve the ultimate goal of completely controlling the victim's device.

However, it should be noted that if these malicious videos are sent to and received via several instant messaging applications such as WhatsApp, Facebook Messenger or uploaded to a video streaming service such as YouTube or Twitter . hackers will not be able to launch the attack. This is because the above services often compress videos and re-encode the entire media file, thereby causing the malicious code embedded in the video to be "deformed" completely, unable to work.

  1. Many Android users discover that their phones have spyware installed after traveling to China

The malicious video file causes users to lose control of the device 'storming' in the Android world Picture 3 Avoid downloading and playing random video files from unreliable sources

In short, until you get additional security patches from the publisher, the best way to avoid becoming a victim and protecting yourself from this attack is to avoid downloading and playing random video files. of course from unreliable sources, along with complying with all basic privacy and privacy guidelines.

Finally, don't forget to update your mobile operating system as soon as the latest patch arrives!

5 ★ | 1 Vote

May be interested

  • How to use FaceTime on Android?How to use FaceTime on Android?
    finally, apple also allows users of android devices to use facetime. but of course things will not be as simple as you go to the google play store, download facetime to your device, then launch the application as usual.
  • A picture worth pondering about the Android world todayA picture worth pondering about the Android world today
    many android phone users may be annoyed because apps are often available on google play store slower than iphone users. however, this annoying story comes from a quite distant cause and is also the biggest problem of android today, which is fragmentation.
  • Is iOS 16.5 error causing Lightning accessory to lose connection serious or not?Is iOS 16.5 error causing Lightning accessory to lose connection serious or not?
    the ios 16.5 error that causes the lightning accessory to lose connection with the device has been the focus of discussion in the technology world in the past 24 hours, but iphonee and ipad users are not necessarily concerned about this error.
  • If you don't want to lose money, turn off this feature immediately on TelegramIf you don't want to lose money, turn off this feature immediately on Telegram
    with their tricks, hackers can easily take control of activities in your device such as taking phone screenshots yourself. it would be very dangerous if the bank account information was revealed. please follow the instructions below if you do not want to lose money unjustly.
  • A serious security error appeared on Android that allowed hackers to control smartphones through a photoA serious security error appeared on Android that allowed hackers to control smartphones through a photo
    a serious security hole on the android operating system has just been discovered, which can help hackers run malicious code and control smartphones remotely by displaying a png image file (portable network graphic).
  • How to create ZIP files on AndroidHow to create ZIP files on Android
    the zip file format allows you to compress large files and folders into a smaller file. you can then extract these files whenever you need to use them. creating zip files is easy, and you can do it on any device you have - including android phones.
  • 5 great apps that support making Facebook avatars with videos5 great apps that support making Facebook avatars with videos
    yesterday, we showed you how to use video as facebook's avatar on ios. unfortunately, android users still have to wait a bit longer to use this feature. however, you can still prepare by pre-recording the video in your device with the support application we introduced below.
  • The application is sneaky without worrying about being discovered by others on AndroidThe application is sneaky without worrying about being discovered by others on Android
    you want to sneak on someone with an android device without wanting them to discover that you are manipulating video on your device. or simply want to silently record the 'little girl' moments of your friend group when they are chatting. so what to do? the hidden camera application will help you solve this problem simply and easily.
  • How to Convert MP3 to WAVHow to Convert MP3 to WAV
    this wikihow teaches you how to convert an mp3 audio file into a wav audio file. this is useful if you have a video or a radio program in need of an audio file that won't lose quality. you can convert an mp3 file into a wav file on any...
  • Is root Android phone still a must-do?Is root Android phone still a must-do?
    root android phones have become a part of smartphones since it became popular. with a rooted phone, you will have control over important system administration functions, allowing you to customize the device to a higher level.