Infections on the go
Dec 1, 2009
Tags:
Hacked version of Google Maps Navigation
With mobile phones becoming increasingly attractive targets for viruses and malware, it's remarkable how few people actively protect their phones against infection. Christopher Backeberg reports...
 

Here's what UMU Mobile Security says on the matter: "Nearly everyone has anti-virus and anti-spam protection on their desktop computers and laptops, but far fewer people think about mobile anti-virus, mobile anti-spam or mobile anti-theft for their phones, smart phones and pocket PCs.

"Some may think it's not necessary or may not even know that such mobile phone anti-virus solutions are available," UMU continues, "but protecting your data and installing mobile security is as important as safeguarding your PC or laptop, if not more so. Nowadays we carry an enormous amount of information of both a personal and professional nature on mobiles, smart phones and pocket PCs."

This, says UMU, makes it vital to protect your phone because that's the only way to protect the precious data on the device.

Only days ago, the first really nasty piece of malware hit iPhones. Earlier this year Nokia repelled a virus attack. RIM BlackBerry is warning about the impending growth of phone viruses, and Microsoft has published a set of standard safety procedures to protect against mobile viruses.

And now, the hackers

Hacking, which is often intended to do good but could hide mischief, has become an issue since the advent of open source mobile operating systems and apps. Google and Android are the newest targets.

How tempting does this sound: "Balking at the price of satnav apps on the Android market? Fancy getting turn by turn free? Here's our tutorial to show you how it's done." With that, the Electricpig website in the UK proceeds to show how to hack Google Maps Navigation to run on Android phones in Europe.

Google Maps Navigation was launched for use with the latest Android systems. Recently Google released a beta version to run on Android 1.6. However, the beta is only intended to work in the USA.

No problem for Electricpig, which hacked the app and published details of how to run it on non-US Android handsets. So far Google hasn't officially commented on the hack. Technically, users of open source software are free to modify it as they require. However, don't be surprised if Google starts acting proprietary about the spirit in which any public modifications take place.

The hack from Electricpig is benign and offered to assist users. But take a look at their wording again and see how easy it would be for an ill-intentioned hacker to lure open source users into downloading malware: "Fancy getting XYZ free?" It could be navigation, social networking, a location-based service or a game. The "free" could include some unpleasant code.

Target: iPhone

A couple of weeks ago an Australian created a worm that infected the seemingly impervious iPhone. That was a generally harmless prank apart from wasting bandwidth. But now a genuinely dangerous iPhone virus has emerged in Europe.

This worm, which security researchers have named "Duh" or "Ikee.B", lets hackers hijack "jailbroken" iPhones and steal passwords, account details and other personal information. Any data that subsequently passes through the infected phone is compromised.

"Jailbreaking" is a process that enables the iPhone and iPod Touch to run unofficial code, bypassing the Apple App Store. Jailbroken iPhone users can download apps which are unavailable through the App Store. They can still download and update apps approved by Apple.

It has been estimated than one in every ten iPods and iPhones in the world have been jailbroken.

The worm hunts for vulnerable iPhones in several European countries, including The Netherlands, Portugal, Austria and Hungary. The Sophos data protection company has warned that the virus turns infected iPhones into zombies by joining them to a botnet.

Brett Myroff, CEO of a regional Sophos distributor, Sophos SA, said: "This means that once a user's iPhone has been turned into a zombie, cyber criminals can use it to download and perform any commands they might want in the future."

Denis Maslennikov, mobile research group manager at Kasperksy Lab, adds that the virus attempts to steal personal banking information. He urges users of jailbroken iPhones or iPod Touches to change the default SSH password to protect the devices from infection.

The first-ever iPhone virus, the one authored by Ashley Towns in Australia, did nothing more than change the wallpaper on infected phones to an image of 1980s pop star Rick Astley. It was not inspired by criminal intent.

Some annoyed users might have thought Towns deserved some form of punishment for his mischief. However, such is the nature of the digital world that Towns was offered and accepted a job with Mogeneration, an iPhone app development company based in Australia.

Target: BlackBerry

Research in Motion (RIM), maker of the BlackBerry, believes hackers will soon turn smartphones into rogue devices used to conduct cyber crime.

Scott Totzke, RIM's VP of BlackBerry security, said hackers could use smartphones to target wireless carriers using a technique similar to one used in assaults that slowed Internet traffic in the US and South Korea in July. By using a distributed denial-of-service (DDOS) attack, criminals use phone signals to order tens of thousands computers to contact a targeted site repeatedly, slowing it or eventually crashing it.

Totzke said hackers could bring down a wireless network by using a relatively small number of smartphones.

Kevin Mahaffey, CTO at Flexilis, a mobile security software producer, said such malware would probably come from applications that smartphone users install on their devices. Flexilis researchers have already identified virus-tainted versions of popular smartphone apps and games.

"These are not telephones anymore. These are computers. So people are going to have all the problems on their phones that they have on their computers," Mahaffey said.

Totzke advised that the best way to protect against such an attack was by regularly applying security patches.

Target: Nokia

Nokia and many of its users know how disruptive mobile viruses can be. In February this year Nokia S60 phones were hit with the so-called "Curse of Silence" virus.

That was a DDOS attack that targeted S60 users who had downloaded a specially formulated text message. Well, who doesn't read incoming SMS messages? Once opened, that message set up a block to prevent other SMS messages reaching the user's inbox.

Nokia quickly released an app that removed the virus without the need to reset the phone. Future viruses on any phone could be more destructive, requiring the mobile equivalent of a reformatting.

Target: all smartphones

In the past, traditional cell phones appeared to be immune to viruses. They weren't. It was simply too much trouble to write viruses when there were so many mobile operating systems and comparatively few mobile phones.

The esteemed journal Science published a study by researchers at Northeast University who pointed out what is now becoming obvious to a wider world - since the arrival of smartphones and rapid growth in smartphone sales, the risk of mobile phone virus attacks will increase as a few operating systems gain significant market share.

The researchers came to the ominous conclusion that smartphones could attract virus writers at a level more disruptive than computer viruses. Mobile viruses can be spread by either Bluetooth or MMS communications protocols. Bluetooth viruses can easily infect phones in a local area, comparable to the spread of contact-based disease.

MMS viruses, like computer viruses, can send copies to everyone in the infected phone's address book and copy themselves into a new handset in about two minutes. Since 2005, virus writers have developed hybrids that spread through both Bluetooth and MMS connections.

Defence: Microsoft's five simple steps

What should you do to make your mobile phone less vulnerable to infection? Microsoft views this question so seriously that Christopher Elliott of the Microsoft Small Business Centre published a guide to safe practices.

Elliott's advice includes five steps every mobile phone user should note. Briefly, they are:

1. Be extra cautious if you use a Windows CE or Bluetooth-based phone. It may be open to a limited number of viruses. One telltale sign of infection is a rapidly draining battery.

2. Always download software from a trusted source, and don't share applications with strangers. Also download the latest version of your operating system to ensure you're safe. And especially if you're in Europe, turn off Bluetooth until you need it.

3. Lock your handset when it's not in use. Choose complicated passwords for any online sign-ins and change them periodically. Don't open messages from senders you don't recognise.

4. Acknowledge that an infected cell phone is not just a cell phone problem! Many users automatically synchronise everything they can from their computers to handheld devices. You should synchronise selectively, and back up all of your files frequently... especially your address book.

5. Mobile anti-virus protection is no longer a crusade by the over-zealous. For all mobile device users, it is becoming increasingly foolhardy to leave your device unguarded.
Forthcoming LBS Conferences: