GTC Blog

SMobile GTC Sees Android Malware Coming

Filed Under: Android, Feature, GTC Blog

March 12, 2010

Open source versus closed source.  It’s a discussion that often leads to heated arguments and one that will likely continue well beyond its usefulness.  The discussion began before many of us realized there would need to be terms such as “malware” and the often incorrectly used “hacker”.  Regardless of what side of the discussion you come down on, the term Android has not helped to lessen the ferocity of the debate.  Since Google released the first Smartphone operating system that was supposed to be completely open source, the debate between BlackBerry, Windows Mobile, iPhone and Symbian users has continued to get louder.

Whether you’re new to the Smartphone revolution or are an Android convert from some other platform, there is a reason that you chose Android.  Some wanted to break the stuffy business-like feel of the BlackBerry.  Others were excited about the possibilities that an operating system built on a Linux kernel with incredible customization capabilities brings.  Some wanted something that was friendlier or easier to use than their Windows Mobile or Symbian device.  Then there are the ones that just want to be anti-Apple.  There are just as many anti-everything-Apple people as there are Apple “fanboys” in the world.  There are also those that just got a deal from their provider that they couldn’t refuse.  Regardless of the reason, Android’s market share is growing….

To continue reading, download the full Android Malware Whitepaper

Android Malware Whitepaper (PDF)

Does SMS text message pose a security risk?

Filed Under: GTC Blog, News

January 7, 2010

In the spring of 2009, Smartphone users were surprised by the sophistication of an SMS worm, known as YXES, that affected Symbian devices. It started with an SMS message that consisted of a link to a malicious website hosting a malicious payload for the device. Once the payload was downloaded, it would attempt to send an SMS message to the phone numbers that appeared in the compromised device’s call log. This worm also stole the user’s device information and uploaded it to the server. In the summer of 2009, mobile security researchers demonstrated, in a live presentation at the BlackHat conference, that they were able to take complete control of a victim’s iPhone by sending a specially crafted SMS message to the device. And in the fall of 2009, Research In Motion (RIM), the manufacturer of BlackBerry Smartphones, issued an advisory concerning a certificate-handling flaw that could allow an attacker to trick users into visiting a malicious website via SMS messages.  Finally, according to research conducted by security researchers at Pennsylvania State University, it may be possible for attackers to cause denial-of-service conditions by spamming mobile networks, which, if successful, could cripple them.

continue reading…


Study of BlackBerry Proof-of-Concept Malicious Applications

Filed Under: Feature, GTC Blog, News

January 6, 2010

SMobile’s Global Threat Center (GTC) has released a research study on proof-of-concept malicious applications for the BlackBerry platform. This research exposes the weakened security posture of BlackBerry devices that operate under the BlackBerry Internet Service environment. The proof-of-concept applications discussed in this research were developed to examine the response of BlackBerry’s built-in security framework. Through this research, SMobile concludes that there are certain instances of attacks that may be successful in bypassing the security framework of BlackBerry and pose a significant threat to the privacy and confidentiality of the user. This research paper can be downloaded here:

BlackBerry paper (PDF)

Second iPhone Worm Adds Botnet Activity

Filed Under: GTC Blog, iPhone

November 23, 2009

So, let’s recap.  In the early days of November, a Dutch kid realizes that nearly everyone that has jailbroken their iPhone (almost 8%, roughly 2 million, of all iPhones in the world) is likely still using the default SSH password of “alpine” on their devices.  He decides to hack into iPhones and then charges the victims 5 Euros to get their data back.  A few short days later, an Aussie writes the world’s first iPhone worm, which took advantage of the same self-inflicted vulnerability.  However, this worm acted as a warning to the iPhone community and was not overtly malicious.  The iKee worm leveraged the SSH “alpine” password to change the wallpaper of the affected device to a picture of Rick Astley.  The iKee worm was said to have only really affected a couple of carriers in Australia, with a few sparse reports of the worm breaking out into some Asia Pacific networks. At this point, many security researchers got serious about informing the public of the vulnerability, as well as the process to change the passwords on jailbroken iPhones around the world. The same security researchers also warned that the non-malicious iKee worm code would be modified to contain malicious payloads in the future.  We are there now.

continue reading…


Jailbroken iPhones Remain Under Attack

Filed Under: GTC Blog, iPhone

November 12, 2009

Just three short days ago, this blog made the not-so-difficult prediction that the Australian-born iPhone worm “iKee” would undoubtedly lead to much more nefarious payloads born from malicious intents.  Yesterday, we began hearing reports of a new cross-platform iPhone malware, dubbed iPhone/Privacy.A, which is being used to mine iPhones for coveted personal/confidential information.

continue reading…