[ insider_reports_insider ]
Researchers Warn Of SmartPhone Security Threats
Mike Sachoff
Staff Writer
2010-02-23
 Insider Reports RSS Feed
Computer scientists at Rutgers University have demonstrated how hackers could attack smartphones and use them to listen in on a meeting, track a users travels, or rapidly drain the battery without the owner being aware of what happened.
 | | Researchers Warn Of SmartPhone Security Threats |  |
"Smart phones are essentially becoming regular computers," said Vinod Ganapathy, assistant professor of computer science in Rutgers' School of Arts and Sciences.
"They run the same class of operating systems as desktop and laptop computers, so they are just as vulnerable to attack by malicious software, or 'malware.'"
Ganapathy and computer science professor Liviu Iftode worked with three students to study malware known as "rootkits." Unlike viruses, rootkits attack a computer's operating system. They can only be detected from outside a corrupted operating system with a tool know as a virtual machine monitor, which can examine every system operation and data structure.
Rootkit attacks on smartphones or upcoming tablet computers could be more devastating because smart phone owners tend to carry their phones with them all the time. This creates opportunities for potential attackers to eavesdrop, extract personal information from phone directories, or just pinpoint a user's whereabouts by querying the phone's Global Positioning System (GPS) receiver.
Smartphones also have new ways for malware to enter the system, such as through a Bluetooth radio channel or via text message.
In one test, the researchers showed how a rootkit could turn on a phone's microphone without the owner knowing how it happened. In such a case, a hacker would send an invisible text to the infected phone telling it to place a call and turn on the microphone, such as when the phone's owner is in a meeting and the attacker wants to eavesdrop.
"What we're doing today is raising a warning flag," Iftode said. "We're showing that people with general computer proficiency can create rootkit malware for smart phones. The next step is to work on defenses."
The researchers pointed out they did not assess how vulnerable specific types of smartphones are. They did their work on a phone used mainly by software developers versus commercial phone users. Working within a legitimate software development environment, they deliberately inserted rootkit malware into the phone to study its potential effects. They did not find a vulnerability that a real malware attacker would have to exploit.
About the Author:
Mike is a staff writer for WebProNews. Visit WebProNews for the latest ebusiness news.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
