1 Billion Android Smartphones Can Be Infected By Watching Videos
By: Jim Stickley and Tina Davis
December 16, 2019
Android mobile users with OS 7.0 through OS 9.0 running on their device need to beware of using them to watch video files. This advice comes from researchers who discovered that watching innocent videos can expose an Android OS to a hacking vulnerability. Strangely enough, a cute kitten video sent in an email or grabbed off the internet can compromise a mobile device. A device can be hacked with an innocuous, but infected video as the bait. It’s created by cybercriminals who trick users into playing it and the Android device’s own video application is used as the gateway. To date, only Google has released a security patch for the flaw and made it public. However, millions of other Android users are still waiting for the patch to be released by their own device manufacturers.
Along with Google’s security patch release went their written assessment “The most severe vulnerability… could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.” In short, any Android device using the specific OS can be compromised in countless ways. That means any information stored on a phone can be up for grabs–photos, messages, passwords and other sensitive data. Always getting apps, the damage a hacker can do with control of a device is up to them, and nobody wants that. In the meantime, Android mobile OS 7.0-9.0 users who don’t have a Google device need to beware of the videos they play. More importantly, they need to be aware of where the video file comes from.
Researchers discovered video files sent via instant messaging apps are safe in this particular case. However, that isn’t always the case. Apps like Facebook Messenger and WhatsApp, as well as Twitter and YouTube are included as safe, for this right now. These app manufacturers manipulate video files in a way that stops malicious code from being stored on a video. However, all video attachments need to be approached with great caution, especially when they’re from unknown or untrusted senders.
Hackers are very good at using email phishing to attach an “awesome” video just begging to be played, so better safe than sorry. Also, check your device update alert often to see when the security patch is available and download it immediately. The most current version of Android is version 10.0. If you have something older, update it right away to best protect it. Remember, keeping the “smart” in smartphone will always help keep your Android device safer.