As Android phones become major target for hackers, Google and Samsung to release monthly security fixes

Google and Samsung will release monthly security fixes for Android phones, a growing target for hackers, after the disclosure of a bug designed to attack the world’s most popular mobile operating system.

The change came after security researcher Joshua Drake unveiled what he called Stagefright, hacking software that allows attackers to send a special multimedia message to an Android phone and access sensitive content even if the message is unopened.

“We’ve realised we need to move faster,” Android security chief Adrian Ludwig said at this week’s annual Black Hat security conference in Las Vegas.

Previously, Google would develop a patch and distribute it to its own Nexus phones after the discovery of security flaws.

But other manufacturers would wait until they wanted to update the software for different reasons before pushing out a fix, exposing most of the more than 1 billion Android users to potential hacks and scams until the fix.

Ludwig also said Google has made other security changes. In an interview, he told Reuters that earlier this year the team broke out incidence rates of malicious software by language. The rate of Russian-language Androids with potentially harmful programs had spiked suddenly to about 9 per cent in late last year, he said.

Google made its roughly weekly security scans of Russian phones more frequent and was able to reduce the problems to close to the global norm.