DecryptedTech

Tuesday05 July 2022

Displaying items by tag: Malware

Tuesday, 02 August 2011 22:37

Mobile phones, the new Windows XP

permissionsNot that long after Windows XP hit the market a very handy little flaw was found (one of many) that would be the start of a great love/hate relationship with this OS. Even today with Windows XP holding a only a little more than 50% of the PC market the venerable OS accounts for more than 60% of rootkits and something like 80% of the known malware and viruses. What does this have to do with mobile phones? Well is goes something like this; when you buy a mobile phone it comes preinstalled with the OS (usually some derivative of Linux). This OS allows you to setup some rather weak security (a reversible password for screen access). However underneath there are usually two accounts that everything runs on. There is the root account which is the master admin account and has rights to do just about anything. Then there is a mobile user account. This is the account that the UI and all applications run under. The problem? Well every phone out there from each manufacturer uses the same passwords for each (this may actually differ a little between handsets depending on the manufacturer). Yup that is right, if I can guess or hack the root password on one phone; I know them all for that line.

This handy little flaw has been shown on Apple, HTC, Google, Samsung (and just about all Android Phones). Where this becomes important is during application installation. It is during that time that some installers will (or can) access the root account of the phone. If a piece of malware written for your phone OS does this then you can be in a world of trouble.

CA Technologies has been tracking a new brand of malware for the Android platform. It started off by just logging the details of incoming and outgoing calls, but now has moved into actually being able to record these calls and transmit them back to a central server. The days of just installing any app that catches your eye is gone (it never really should have existed anyway). Now more than every Smart Phone users need to be careful what they allow their apps to do. As an extra precaution grabbing a mobile security app like Lookout or Similar for that extra level of protection is a good idea. Just like XP what we think of as secure, turns out to be full of holes after all.

Source and picture CA Technologies

Discuss this in our Forum

Published in News
Saturday, 23 July 2011 19:48

Apple Macbook batteries vulnerable to hack

News_iPhone-battery-1776Anyone remember Charlie Miller? He is the guy that has hacked more than his share of Apple products (and won a few PWN2Own contests). Well Charlie is back; this time he has found a hole in Macbook Batteries that can allow full control of the Macbook including uploading small programs that are undetectable by virus scanners. The reason they are undetectable is that the code is hidden inside the battery firmware.  Charlie was able to get inside the firmware after digging through it and finding the passwords that allowed him access. Due to Appleā€™s tendency to use the same password for each line of its products (like the iPhone) it was very easy to spread this exploit to other systems.

Published in News
Page 17 of 17