Android Malware's Potential Detailed - InformationWeek
Mobile // Mobile Devices
12:52 PM

Android Malware's Potential Detailed

Rootkits like the proof-of-concept developed by researchers could be used for eavesdropping or forcing smartphones to reveal its GPS coordinates.

Could your Android smartphone be used against you?

The answer is yes --at least theoretically. "We have developed a kernel-level Android rootkit in the form of a loadable kernel module," two security researchers from Trustwave, Nicholas Percoco and Christian Papathanasiou, recently announced via the Def Con website. Once the rootkit was running on a Linux-based Android smartphone, an attacker could call using a "trigger number" to then gain "full root access on the Android device" via TCP.

The researchers said they will exploit an Android smartphone live at next month's Def Con conference. This attack is only a proof of concept and has not been seen in the wild. Even so, the threat of getting one's smartphone "owned" makes for some unpleasant possibilities.

For example, said the researchers, "an attacker can proceed to read all SMS messages on the device [or] incur the owner with long-distance costs, even potentially pinpoint the mobile device's exact GPS location."

Those threats square with research into smartphone rootkits released in February by two Rutgers professors. One particular security problem, they said, is that while PCs often run virtual machines to detect rootkits, smartphones don't currently have the processing chops to run such software.

As a result, smartphones remain vulnerable to a variety of attacks, should the right malware be in place. For eavesdropping on conversations, for example, an attacker could use a text message to make the phone silently call a designated number and leave the connection open. Or a location-based attack could use a text message to make the smartphone forward its GPS coordinates to a designated email address.

"We're showing that people with general computer proficiency can create rootkit malware for smartphones," professor Liviu Iftode said in a statement at the time. "The next step is to work on defenses."

Speaking of defenses, how might attackers actually get the malware on your phone?

"The easiest way would probably be for the bad guys to have managed to get their evil mitts on your smartphone, and secured physical access to the device," said Graham Cluley, senior technology consultant for Sophos, on the company's blog. "But cybercriminals could also try to exploit an unpatched security vulnerability in the Android operating system, or use a social engineering trick to fool you into installing the malicious code."

Hawking fake software via the Android Market application store would be another attack avenue, he said, though the attackers would have to get around any safeguards that Google has in place, or else only target users who install non-Market applications.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll