Study of Android Malware in the Market

The SMobile Global Threat Center (GTC) has released a study of malicious applications that currently exist in the Android Market. This study attempts to identify applications that are available for download that either market themselves as spyware, or have the ability to be used as a spying application against an unaware user. SMobile identifies and categorizes malicious applications that could enable illegal spying based upon the fact that the application lends the ability to hide itself from detection from a user. According to information security managers around the world, spyware represents the greatest threat to intellectual property or proprietary information manipulated on mobile devices. Law enforcement officials have stated that spyware could lead to identity theft, loss of sensitive, personal or financial information, and is often used to illegally track the movements and communications of consumers.

Android Malware in the Market

US loses cyberwarfare game

A simulated cyber attack has shown once again that the US is unprepared for cyberwarfare, a year after the federal government conducted an extensive review of its cyber security stance.

On Tuesday, the Bipartisan Policy Center hosted Cyber ShockWave, a simulation designed to mimic a widescale cyber attack on the US. The wargame, which included a mock White House emergency room, revealed some crucial gaps in US preparedness, according to the BPC.

Read the full article, US Loses Cyberwarfare Game

Viral Attacks Threaten Smartphones

Smartphone users may have a new worry to contend with as cyber criminals seek to break into web-connected mobile devices, but the threats so far have been contained by the mobile industry, according to security experts.

The Mobile World Congress in Barcelona, Spain provided software security firms an opportune time to bring up warnings that the mobile industry could be facing serious viral attacks now and in the future.

Read the full article, Viral Attacks Threaten Smartphones

Does SMS text message pose a security risk?

In the spring of 2009, Smartphone users were surprised by the sophistication of an SMS worm, known as YXES, that affected Symbian devices. It started with an SMS message that consisted of a link to a malicious website hosting a malicious payload for the device. Once the payload was downloaded, it would attempt to send an SMS message to the phone numbers that appeared in the compromised device’s call log. This worm also stole the user’s device information and uploaded it to the server. In the summer of 2009, mobile security researchers demonstrated, in a live presentation at the BlackHat conference, that they were able to take complete control of a victim’s iPhone by sending a specially crafted SMS message to the device. And in the fall of 2009, Research In Motion (RIM), the manufacturer of BlackBerry Smartphones, issued an advisory concerning a certificate-handling flaw that could allow an attacker to trick users into visiting a malicious website via SMS messages.  Finally, according to research conducted by security researchers at Pennsylvania State University, it may be possible for attackers to cause denial of service conditions by spamming mobile networks, if successful, could cripple them.

continue reading…

Study of BlackBerry Proof-of-Concept Malicious Applications

SMobile’s Global Threat Center (GTC) has released a research study on proof of concept malicious applications for BlackBerry platform. This research exposes the weakened security posture of BlackBerry device that operate under the BlackBerry Internet Service environment. The proof of concept applications discussed in this research are developed to examine the response of BlackBerry inbuilt security framework. Through this research, SMobile concludes that there are certain instances of attacks that may be successful in bypassing the security framework of BlackBerry and poses a significant threat to privacy and confidentiality of the user. This research paper can be downloaded here:

BlackBerry paper

New Spyware released for BlackBerry

In the past few months, there has been a tremendous increase in the release of spyware applications for smartphone devices. Earlier this year we saw the release of the first spyware application for the iPhone that supported 2G/3G/3GS iPhones. Later we saw the releases of more advanced spyware applications for the BlackBerry and the iPhone. And recently, on Nov 06, 2009, the world’s first spyware application for Android was released.  In summary, this year alone we have seen that the threats that were dominating Windows and Symbian devices have begun to make their way to the sexier BlackBerry, iPhone and Android devices.

continue reading…

Australia Breeds First iPhone Worm

November must be the month of firsts in mobile security.  In the first days of November, reports were coming out about a Dutch hacker that was attacking iPhones via SSH, using the well known root password for jailbroken devices.  As our regular readers might recall, SMobile released a report detailing the process to bypass iPhone’s security implementations by jailbreaking the device.  They’ll also recall that our testing team was able to gain root access to the test iPhones by connecting to the device over SSH and using the root account credentials that had been revealed during the research that led to the discovery of the jailbreak process. The Dutch attacker was simply using the same information to take control of victim devices that he was able to locate and connect to, then blackmailing them into paying to release the data on their devices.

continue reading…

First Spyware for Android released

SMobile Systems is proud to announce that it is the first mobile security company to detect and prevent its customers from the World’s first Spyware threat for Android devices. On Oct 26, 2009, the MobileSpy officially released the spyware version for BlackBerry. Now, they have released the world’s first mobile spyware application for Android. It appears that the Mobile Spy team has been working hard in the last couple of weeks to get their spyware application ported to Android devices. According to Mobile Spy, “this Spyware Application is not meant for a use on a phone you do not own and have proper permissions to monitor”, and its spyware now supports all Android models, including the new Motorola Droid and T-Mobile My Touch 3G.

continue reading…

Study of Man In The Middle Attack on Smartphones

According to a survey conducted by a mobile advertising researcher, AdMob, smartphone users are driving up the use of Wi-Fi hotspots. The result of the survey indicates that there were 550 million smartphone Wi-Fi requests in Western Europe alone in 2008, a 132% increase for the year. AdMob said that 42% of the requests fromMIMT Whitepaper iPhones originated from Wi-Fi hotspots [1]. In the United States, AT&T reported a 41% increase for the year in iPhone connections, alone, at wireless hotspots [2]. In a new report, the market research firm Yankee group [3] has forecast that the number of smartphone users will quadruple to 160 million by the year 2013. In another report released by ABI Research, Wi-Fi smartphone sales will double by 2011 [4]. ABI Research also found that 74% of people who have Wi-Fi enabled smartphone’s use the technology and 77% say they want a Wi-Fi enabled handset when they make their next purchase [5].

MITM Attack Whitepaper

BlackBerry Spying Application Raises Awareness

On October 27^th the US-CERT released an advisory detailing the BlackBerry “PhoneSnoop” application that can be used to spy on BlackBerry users. US-CERT’s analysis accurately states that this tool “allows an attacker to call a user’s BlackBerry and listen to personal conversations.” It is important to note that this tool was developed and published under the premise that it is proof-of-concept code designed to raise awareness of the misrepresented nature of the security of BlackBerry devices. The author of the tool, Sheran Gunasekera, publicly states that his “intention was to raise awareness that even though the BlackBerry is one of the more secure platforms, there are still means where its users can be spied upon,” Gunasekera wrote in an e-mail on Tuesday. “I wanted to highlight that even with such technical security controls, the human element can be exploited through social engineering.”

continue reading…