The attack is delivered to the owners of Android devices via simple multimedia text and once it is delivered, hackers are able to write code to the device and steal data from sections which are connected with Stagefright. Attackers can get access to audio, media files or photograph stored on SDcards. Adding to this, hackers can also operate the Android device remotely.
“These vulnerabilities are extremely dangerous because they do not require that the victim take any action to be exploited. Unlike spear-phishing, where the victim needs to open a PDF file or a link sent by the attacker, this vulnerability can be triggered while you sleep,”
Google has already addressed the Stagefright vulnerabilities within 48 hours after they were notified but the firm believes that most manufacturers haven't yet taken reasonable steps to ensure if customer's data are safeguarded.