KOBIL m-IDentity protection defends against recent attacks on Android Multimedia System


Currently, there are some reports about successful attacks on Android devices, exploiting weaknesses in multimedia handlers, e.g. for MMS messages or MP4 videos. These exploits allow attackers to get control over the smartphone: MMS Not the Only Attack Vector for “Stagefright” (Tendmicro) or Stagefright: It Only Takes One Text To Hack 950 Million Android Phones (Forbes)

KOBIL m-IDentity protection helps on several layers to protect your Apps against such threats. Even if the smartphone’s system-wide multimedia components are successfully attacked using any of the above mentioned exploits, the attack cannot be extended to an App secured with m-IDentity protection. This is achieved by protecting the App against manipulations by local processes – including privileged system processes. If your App is also using HTML5- or Web content, the URL whitelist filter as well as certificate pinning avoid loading of compromised content from manipulated web sites. Only authentic web pages of the content provider are displayed.

KOBIL estimates that shortly more exploits of this class will appear. Hardening functions of the KOBIL m-IDentity protection solution are permanently improved and adapted to latest knowledge.

Markus Tak