Do you have a Samsung smartphone? All Samsung devices released in the last five years contain a critical vulnerability that makes it relatively easy for attackers to take over the device. The attacker only needs to send an MMS (Multimedia Messaging Service) message. Although Samsung has released updates, not all devices will actually receive them.
At the root of this vulnerability are two custom image file formats, QM and QG (also known as Qmage). You can recognize these files by the extension .qmg. Sometime in the second half of 2014, Samsung added support for these file formats to the Android operating system, Security.nl reports.
This vulnerability was discovered by a Google security researcher, Mateusz Jurczyk.
Run arbitrary code via specially prepared file
But how exactly does it work? An attacker who sends a specially prepared Qmage file can basically execute arbitrary code on the recipient’s device. Since an MMS message requires no additional action by the receiving party, it is an ideal attack tool. Just receiving the MMS message is sufficient: the user does not have to confirm anything, click on anything or otherwise interact with the message.
The so-called ASLR protection must be circumvented. ASLR stands for Address Space Layout Randomization. In short, this is a security technique that aims to prevent exploitation of memory vulnerabilities. According to security researcher Jurczyk, circumventing this security is the most difficult part of the attack, but it has certainly proved possible.
Jurczyk has posted a demonstration video of this attack, which shows how the attacker takes control of the victim’s device through this attack method, views photos and text messages, and launches arbitrary apps.
To successfully exploit this vulnerability, the attacker must send between fifty and three hundred so-called MMS “probes” to a device. On average, the attack would succeed after a hundred attempts. When such a malicious message is received, the Messages app crashes. On Android devices, a program is restarted after a minute following several crashes, Security.nl reports.
If you are busy with your phone, you will notice if something is not quite right. However, if attackers try to do it at night, you may become a victim of this attack unnoticed because you are sleeping.
Samsung labels the vulnerability as critical
On January 28 this year, Samsung was notified of this attack method, and the electronics giant labeled the vulnerability as “critical.” Security updates have been released, but not every device will actually receive them.
Is your device no longer receiving security updates? Then you can disable the functionality with which multimedia messages are automatically retrieved.
Open Messages > At the top right, go to the symbol with the three vertical dots > Go to Settings > Go to Advanced > Move the slider at Auto-download MMS to off.
More on WikiHow.
Source: Google / Samsung / Security.nl / WikiHow