DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
December 21, 2006
Mobile spyware - it's here
Mobile viruses are becoming more common; so are many other security threats to mobile devices and the data they hold.
Most recently, however, researchers have learned that hackers are now creating mobile spyware, which manipulates SMS messages and allows them to be read by others.
David Rayhawk, senior researcher for McAfee Mobile, said there is evidence that malware writers are now actively working on developing their own mobile spyware. So far, he said, a Russian malware author has released a prototype of SMS-forwarding spyware that is invisible to the user, loads on startup, and forwards SMS text in a new SMS to the spyware's author. The malware breaks down at the forwarding part, but with some tweaking, Rayhawk said, an experienced hacker could figure it out.
The recent discovery is not the first time mobile spyware has been noticed, but Rayhawk said that it is time for folks to pay attention.
‘It's definitely not the end of the world,’ he said, noting that whoever created the most recent mobile spyware program also released the incomplete source code that would allow hackers to spy on others. If that source code spreads further, he said, it could be cause for alarm.
‘If that source code gets out, a semi-able hacker could adjust it,’ Rayhawk said.
The spyware works like this: A hacker sends an SMS message to the target. The target opens the message, installing the spyware onto the device. That spyware, unbeknownst to the victim, takes the SMS messages and forwards them on to the hacker.
Rayhawk said mobile operators should be the most concerned because protecting devices would cost them money, and a massive spyware outbreak could also have a financial impact. But he said it's premature for users to worry.
‘The likelihood of an individual user getting targeted is pretty low,’ he said.
There are steps that can be taken to avoid falling victim to mobile spyware, however. Rayhawk said embedded device security, such as antivirus, should be installed on devices when they come from the manufacturers.
In March, malware was found that copied SMS messages and sent them to a server where they could be retrieved by hackers. Then, in September, spyware was found that could retrieve SMS messages, contact numbers and call logs. There is also mobile malware that can call a device, make the device answer silently without the user's knowledge, and turn the device into a remote bug.
Rayhawk suggests that smartphone and mobile phone users start treating their devices more and more like PCs. He said that - as a culture - mobile users need to recognize that their devices are just as susceptible as their larger, fixed counterparts to spyware, worms, viruses and other malware.
‘People trust phones too much,’ Rayhawk said. ‘Users need to apply the same level of paranoia to their phones as they do to PCs.’
Source: SearchMobileComputing.com
All news for August, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
