Information Security News
mailing list archives
Researcher To Demo Spy-Phone At Black Hat Las Vegas 2013
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 28 Jun 2013 08:27:21 +0000 (UTC)
By Robert Lemos
June 26, 2013
Security researchers have warned that mobile phones could easily be made
into surveillance devices that can track users, record audio and video of
their surroundings, and eavesdrop on their communications. Now one
researcher plans to show off a proof-of-concept program at the Black Hat
Security Briefings this summer that can compromise a phone and turn it
into just such an eavesdropping platform.
The program, created by researchers at network security firm Kindsight,
essentially turns any Android phone into a compromised bot, allowing the
attacker to eavesdrop on communications, track location, download personal
information and take pictures without the victim’s knowledge. In addition,
the researchers will show how they developed the architecture of the
eavesdropping software and ways that it can be easily added as a Trojan
Horse to any mobile app.
"This is a demonstration, a proof-of-concept malware," says Kevin McNamee,
security architect and director of Kindsight’s Security Labs. "We use this
as a way to show the capabilities of the malware and show how dangerous
cyberespionage can be."
While only a small fraction of U.S. mobile users are impacted by malware,
spyware makes up a large portion of the pantheon of mobile threats. As of
March 2013, almost two out of every 10 malicious mobile applications
qualifies as spyware, according to Juniper Networks' Mobile Threat Center.
The company classifies any program that captures and transfer sensitive
data on the phone without notifying the user as spyware.
InfoSec News subscribers can save $100 off registration for the Black Hat
Briefing's by using this code: ISnews100
Visit the new and improved InfoSec News website
- Researcher To Demo Spy-Phone At Black Hat Las Vegas 2013 InfoSec News (Jun 28)