Quick steps to help protect against Stagefright vulnerability
What if a hacker just needed your mobile phone number to gain access to your private information? That in fact is the case with Stagefright — one of the latest vulnerabilities to gain media attention.
Reportedly affecting 95% of Android users, this vulnerability allows an attacker who knows your mobile phone number to send malware over an MMS message that targets a device’s media playback engine, called Stagefright. Because Android messaging apps are by default set up to automatically load videos, this is a potentially high-risk vulnerability that can expose your personal and financial information to hackers.
Once they’ve delivered malware to a device, criminals are then able to steal data from that infected phone and hijack the device’s camera and microphone.
Here’s the quick temporary workaround to help protect an Android device from Stagefright:
- Disable the auto-download feature on MMS messages in your phone’s SMS app or through Google Hangouts, whichever app you use.
- In a device’s messaging app, go to SETTINGS, then MULTIMEDIA MESSAGES, then unclick the AUTO-RETRIEVE feature.
- In the Google Hangouts app go to SETTINGS, then SMS, scroll to ADVANCED and uncheck the AUTO RETRIEVE MMS box.
After you disable this feature, you can still download MMS data, but you will be prompted each time. This will allow you to choose what you download and avoid accepting messages from people you don’t know.