The security threat to mobiles has just stepped up.

Phone crashing regularly? Strange SMS bothering you for an update or a juicy link? It’s time to wise up to mobile malware.

Security experts have shown that iPhones and Android phones are vulnerable to the same type of “drive-by” attacks that have long plagued PC users.

A team of researchers infected a Google Android smartphone on Wednesday, live, in front of a packed audience of computer security buffs to prove how mobile malware is now on the cusp of the big time, after so many years of unfulfilled predictions.

Grabbed: a screenshot of the researchers’ Command & Control server shows a person with an infected phone traveling around Washigton DC. The blue P pin shows where he placed a phone call. Clicking on this icon would play the recording.

George Kurtz, co-author of Hacking Exposed, former McAfee security champion and now at the helm of CrowdStrike alongside former McAfee leading researcher Dmitri Alperovitch, demonstrated how the team designed a smartphone remote access tool (RAT) and eavesdrop operation.

They then set about buying the necessary items to make it happen, later coding, then executing the attack on their demo phone.

“We believe we are here today and on the cusp of what we’re going to see in the future. If you think of what a smartphone has the capability to do, it’s the ultimate spying tool. Always powered on, always connected, travels around with us at all times,” Kurtz began.

“If you haven’t figured out privacy is dead, this is going to do it for you.”

The scenario was a competitor wanting to intercept calls and text messages on Kurtz’s phone and the attack was Webkit-based. Webkit is a tool used by Apple, Google and RIM to render HTML websites in Safari, Chrome and Android, and the latest versions of the BlackBerry, respectively.

The team bought 20 Webkit vulnerabilities – or bugs – in the underground for $US1400, spent approximately $US14,000 developing the malware code (“weaponisation phase”) and engineering root access, as well as building their own command and control centre to be able to harvest the fruits of their exploits.

The attack followed several steps: the first was a text message delivered to the smartphone appearing to come from the mobile carrier requesting a system update via a link. Once clicked, the drive-by link delivered the first part of the malware to the phone to elevate access (root) privilege, then cause it to crash.

It then automatically rebooted, executing the second part of the malware and hijacking the phone’s communications.

When Kurtz made a call to Alperovitch, the audience could hear the live conversation – as well as what was said before the call connected. On the command and control centre’s screen, a map positioned Kurtz and Alperovitch’s locations, the start of transmission, and the text of a subsequent text message Alperovitch sent Kurtz.

They said the attack did not require a phone be jailbroken and would work on any of the devices using Webkit – although this particular code was customised for the Adroid 2.2 (Froyo) version.

Kurtz told Fairfax Media such an attack would be possible on the iPhone because of the root access obtained via the browser vulnerability.

“We would have to get code execution via the browser, then escalate our privilege to root and totally bypass the app store [as we did] with Android.

“This is the point we are making: drive-by attacks will hit the phone just like the PCs,” he said.

But he said he didn’t want the audience to develop a bout of paranoia.

“The sky is not falling, these are very targeted attacks.”

Read more: http://www.smh.com.au/it-pro/security-it/use-a-smartphone-you-may-want-to-read-this-20120301-1u4jh.html#ixzz1oExW9RHp

Anonymous gain access to FBI and Scotland Yard hacking call

Hacking network Anonymous has released a recording of a conference call between the FBI and UK police in which they discuss efforts against hackers.

The call, said to have taken place last month, covers the tracking of Anonymous and similar groups, dates of planned arrests and details of evidence held.

Anonymous also published an email, apparently from the FBI, showing the email addresses of call participants.

The FBI and Scotland Yard confirmed the leak and said they were investigating.

It also emerged on Friday that hackers linked to Anonymous had accessed the websites of several US law enforcement agencies and that of the Greek justice ministry.

‘Email intercept’

The FBI said in a statement: “The information was intended for law enforcement officers only and was illegally obtained. A criminal investigation is under way to identify and hold accountable those responsible.”

London’s Metropolitan Police’s central e-crime unit said the matter was being investigated but that no operational risks had been identified.

It was unclear how Anonymous had managed to obtain the recording but a lawyer for one of the suspects discussed told the BBC it appeared to have been taken as an audiofile from an intercepted email, rather than having been eavesdropped on.

A comment on one of the Twitter accounts linked to Anonymous, AnonymousIRC, said: “The FBI might be curious how we’re able to continuously read their internal comms for some time now.”

BBC security correspondent Frank Gardner says the recording, which was published on YouTube, will be highly embarrassing for the cyber crime detectives.

At one point an FBI agent thanks the Metropolitan police for their help with investigations, to which the British detective replies: “We’re here to help. We’ve cocked things up in the past, we know that.”

‘Attention seeker‘

According to the alleged leaked email, the 17-minute phone call took place on 17 January.

The email was sent to law enforcement officials in the US, UK, Sweden, Ireland and other countries, inviting them to “discuss the on-going investigations related to Anonymous, Lulzsec, Antisec, and other associated splinter groups”.

The recording features the voices of about five men, apparently speaking from London, Los Angeles and Washington.

They begin with light-hearted conversation but move on to discussing the names of some of the people being tracked and their plans for legal action.

The online pseudonyms of suspects are included in the recording, but some of the real names appear to have been bleeped out.

Among those discussed are several British men accused of being behind cyber attacks in the US and UK, including Jake Davis and Ryan Cleary who were arrested last year.

The British detectives discuss delaying some arrests while US investigations are being carried out.

The police also refer to a 15-year-old who claims to have been behind an attack on online gaming site Steam last year, where the identities and credit card details of tens of thousands of users were accessed.

“He’s a 15-year-old who’s basically just doing this all for attention,” says the British detective.

Anonymous is a loose collective of hackers, anarchists and pranksters which has targeted the websites of a range of governments, companies, law enforcement agencies and individuals in recent years.

Also on Friday, Anonymous claimed credit for an attack on a police website in the US city of Boston. A message posted on the site said it had been hacked several months ago in response to “police brutality” towards the Occcupy Wall Street movement.

This followed another attack on a police website in Salt Lake City on Tuesday, where officials say personal information on informants, crimes and residents were accessed.

Hackers operating under the Anonymous name also took over the website of Greece’s justice ministry on Friday, prompting officials to take the site down.

The hackers said the action was a protest against Greece’s signing of a global copyright treaty and the government’s handling of the economic crisis.

The website was replaced with a video of a figure wearing the symbolic white mask of Anonymous supporters, saying: “Democracy was given birth in your country but you have killed it.”

Speaking at the Chaos Communications Congress in Berlin, noted mobile security expert Karsten Nohl claims that all GSM mobile phones—that means about 80 percent of all mobile phones on the planet—are potentially vulnerable to attacks that can let others eavesdrop on conversations, as well as send texts and place calls from other people’s phones—potentially ringing up exorbitant changes to premium phone and text services. Although Nohl has not revealed the specific details of his method, he did note that hackers usually replicate the code needed for most mobile attacks within a few weeks.

“We can do it to hundreds of thousands of phones in a short timeframe,” Nohl told Reuters before his presentation. Nohl is the head of Germany’s Security Research Labs.

The exploit involves older 2G technology still widely deployed on many mobile operators’ networks. Nohl studied the operations of mobile carriers in 11 European countries using a seven-year-old Motorola phone, and was able to tap into both voice and text messaging from GSM users. Nohl also noted that, while it is possible for carriers to take steps from their GSM network’s command protocols from being misused, implementations vary widely between carriers, and even across regions. For instance, Nohl found that Vodafone’s British network was reasonably well locked down, its network in Germany was less secure. Germany’s T-Mobile and France’s SFR topped Nohl’s rankings.

A new Web site, gsmmap.org enables consumers to see how their carriers stacked up, and will soon enable interested users to participate in testing the security of their operators.

Mobile users in the United States may, ironically, be less vulnerable to these attacks than mobile users in many parts of the world since only two of the U.S.’s four major carriers—AT&T and T-Mobile—use GSM technology. Verizon Wireless and Sprint both use CDMA technology, which is not subject to this particular vulnerability.

http://www.digitaltrends.com/mobile/researcher-claims-all-gsm-phones-vulnerable-to-hijacking/

Britain’s largest police force has been using covert surveillance technology that can masquerade as a mobile phone network to intercept communications and unique IDs from phones or even transmit a signal to shut off phones remotely, according to the Guardian.

The system, made by Datong in the United Kingdom, was purchased by the London Metropolitan police, which paid $230,000 to Datong for “ICT hardware” in 2008 and 2009.

The portable device, which is the size of a suitcase, pretends to be a legitimate cell phone tower that emits a signal to dupe thousands of mobile phones in a targeted area. Authorities can then intercept SMS messages, phone calls and phone data, such as unique IMSI and IMEI identity codes that allow authorities to track phone users’ movements in real-time, without having to request location data from a mobile phone carrier.

In the case of intercepted communications, it is not clear whether the network works as a blackhole where intercepted messages go to die, or whether it works as a proper man-in-the-middle attack, by which the fake tower forwards the data to a real tower to provide uninterrupted service for the user.

In addition to intercepting calls and messages, the system can be used to effectively cut off phone communication, such as in a war zone where phones might be used as a trigger for an explosive device, or for crowd control during demonstrations and riots where participants use phones to organize.

The Met police would not provide details to the Guardian about where or when its technology had been used.

According to the company’s web site, Datong “develops intelligence solutions for international military, law enforcement and intelligence agencies for use in all operating environments,” and sells its products in the U.S. as well.

Between 2004 and 2009, Datong won over $1.6 million in contracts with the U.S. Secret Service, Special Operations Command, the Bureau of Immigration and Customs Enforcement and other agencies. In February 2010, the company won a $1.2 million contract to supply tracking and location technology to the U.S. defense industry. It also sells technology to regimes in the Middle East.

A spokesman for the U.S. Secret Service verified to CNET that the agency has done business with Datong, but would not say what sort of technology it bought from the company.

The FBI is known to use a similar technology called Triggerfish, which also pretends to be a legitimate cell tower base station to trick mobile phones into connecting to it. The Triggerfish system, however, collects only location and other identifying information, and does not intercept phone calls, text messages, and other data.

Last year at the DefCon hacker conference in Las Vegas, security researcher Chris Paget demonstrated a low-cost, home-brewed device that mimics the IMSI catchers that U.S. law enforcement agencies use.

The device spoofs a legitimate GSM tower and emits a signal that’s stronger than legitimate towers in the area to entice cell phones to route their outbound calls through the spoofed tower, allowing an attacker to intercept and record calls before they’re routed on their proper way through voice-over-IP

http://memeburn.com/2012/01/online-security-trends-to-watch-out-for-in-the-new-year/

http://searchsecurity.techtarget.com/tip/How-to-prevent-iPhone-spying-mobile-phone-management-tips

With more company business being done on mobile devices, personally identifiable information (PII), intellectual property and trade secrets are at higher risk of theft from people using GSM hacking software, which was made readily available following last year’s encryption crack. But other voice data risks exist as well, such as mobile device users being unaware of their surroundings.

For further information, click here:

http://searchsecurity.techtarget.com/news/1393828/Voice-data-security-risks-on-the-rise-say-experts

For further details click here:

http://www.esecurityplanet.com/mobile-security/6-tips-for-better-mobile-security.html

 CIC has built a network of offices strategically located within the United Kingdom and the European regions ensuring a perfect synergy between CIC and its client-partners. Our team brings together a diverse and extensive range of skills with a depth of understanding of security

 Founded in early 2011, we aim to provide unrivalled customer services to protect our clients from potential security threats on mobile devices. The recent rise in popularity in smartphones has redefined how we communicate; from how we work  to how we bank or shop. This has introduced greater security risks for end users.