|
|
At a time when European states are discovering the extent of the NSA's Prism spying program, the Kindsight laboratory, a subsidiary of Alcatel-Lucent, has developed an experimental program capable of tracking a user without their knowledge, intercepting their messages, recording their phone conversations and even taking photos and videos. "Our program is capable of transforming an Android smartphone into a spy mobile," said Kevin McNamee, director of the Kindsight laboratory. The latter intends to present its spying tool at the Black Hat USA conference, which is to be held from July 27 to August 1 in Las Vegas.
This technology, called DroidWhisper, can be hidden in a component. Integrated into an Android application, it can be executed secretly in the background, and activated automatically when the terminal is started. Once installed, the spyware Cell Phone Number Database can receive instructions from a command and control (C&C) server, either over the Internet or through the SMS service used for messaging. From a control panel on the server, criminals or government spies would be able to control the phone's camera, both to take pictures and videos, and even to hack the microphone and use the device's recording functions. In fact, the control panel could also be used to retrieve all recordings, all images, and all personal data present on the mobile.
The mobile, an ideal platform for corporate and government espionage
"The smartphone is an ideal platform to launch an attack against a corporate network or a government network," said Kevin McNamee. "The device really has all the features for that. It can connect to the Internet via Wi-Fi, it can take pictures, and it can record audio. It's a very powerful surveillance platform." Although not part of the proof of concept, "the spying platform can be used to download tools that can scan for vulnerabilities in a corporate network the moment the employee connects to the Wi-Fi network," the researcher added. That's because "the phone has a full, fully functional network stack. So if it has access to the corporate Wi-Fi network, then yes, it can scan the network," he said. To sneak the spyware
onto the phone, it's as simple as including a link in an email that redirects to a malicious website, or embedding it in an app that can be downloaded from an online app store. For example, the component could be injected into a fake version of a popular game. If GooglePlay, the official Android app store, scans for malware before it goes live; most third-party stores don’t. As Juniper Networks’ latest Mobile Threat Report notes , about three out of five stores are located in China and Russia. In March 2013, more than 90 percent of mobile malware detected by Juniper targeted the Android platform, nearly double the number in 2011.
To install and run the Kindsight Labs component on a device, the criminal must also find a way to bypass Android’s built-in security features. By default, apps don’t have permission to perform actions that impact other apps or the device itself. Those permissions must be granted by the user. But assuming the spyware gets through those defenses, only a system that can sniff out traffic between the component and command-and-control servers on the corporate network can detect the spyware.
|
|
發表於 2024-12-22 14:19:35