Metaphor: Remote Android Exploit That Hacks Your Phone In 10 Seconds

The Stagefright saga hasn’t finished yet with a new exploit known as Metaphor emerging onto the scene. It’s pretty dangerous, and because of it, millions of Android devices are directly under threat. So, in case you rock an android smartphone, be careful as this new bug can hack your device in less than 10 seconds.

android-stagefright-bug

Stagefright is pretty well known and involves a series of simple steps for taking control of an Android phone:

  • Firstly, the user is tricked into visiting a hacker’s webpage
  • The visited page contains a malicious media file
  • Once the file is downloaded; it resets the internal state of the phone.
  • Thereafter, the attacker sends a custom generated video file to the affected device, exploiting the Stagefright bug to reveal more info about the device’s internal state.
  • Using the sent info, hacker is able to gain the control of your smartphone

A security research-based firm, NorthBit has claimed to exploit this remote Android hacking bug. However, it termed this exploit as the “worst ever discovered”.

What’s worse is that this new Stagefright exploit also guides black hat hackers, white hat hacker and even government spying agencies to build the Stagefright exploit for themselves — here’s the PDF document.

To counter the claims, researchers uploaded a video that illustrates how easy it was for them to hack into Android-powered Nexus 5 device using this exploit in just 10 seconds. You can watch the video below: