ID: IRCNE2012031421
Date: 2012-03-03
According to "techworld", malware tools that allow attackers to gain complete remote control of smartphones have become a serious threat to users around the world, security researchers say.
In a demonstration at the RSA Conference 2012, former McAfee executives George Kurtz and Dmitri Alperovitch, who recently founded security firm CrowdStrike, installed a remote access tool on an Android 2.2-powered smartphone by taking advantage of an unpatched flaw in WebKit, the default browser in the OS.
The researchers showed an overflow audience how the malware can be delivered on a smartphone via an innocuous looking SMS message and then be used to intercept and record phone conversations, capture video, steal text messages, track dialled numbers and pinpoint a user's physical location.
The tools used in the attack were obtained from easily available underground sources, Kurtz said. The remote access Trojan used in the attack was a modified version of Nickispy, a well known Chinese malware tool.
But the key issue is that similar attacks are possible against any smartphone, not just those running Android, he said.
WebKit for instance, is widely used as a default browser in other mobile operating systems including Apple's iOS and the BlackBerry Tablet OS. WebKit is also is used in Apple's Safari and Google's Chrome browsers.
In the demonstration for example, Kurtz and Alperovitch used an SMS message that appeared to come from the wireless service provider asking the user to install an important update. Clicking on the link the message caused the Trojan to be downloaded on the phone.
Therefore, mobile users must start making sure they apply all patches for their smartphones, pay attention to what they download and be aware of mobile phishing attacks, he said.
- 2