The Israeli security company Zimperium found a gaping hole in the Android software — one that would let hackers break into someone's phone and take over, just by knowing the phone's number.
The Attack named Stagefright, arrives in a modified file delivered in an unremarkable MMS, which can bypass Android security to execute remote code and potentially allow access to files, storage, cameras and microphones.
Unlike phishing attacks, the user does not need to open the file for it to take effect and may not even notice it. “A fully weaponised successful attack could even delete the message before you see it”, says the company. “You will only see the notification. These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited”.
More here: Got an ANDROID PHONE? SMASH IT with a HAMMER