Tuesday, January 31, 2012

Your ANDROID 'smart' phone can be hacked


Hackers are now re-angling sophisticated techniques they use to break into personal computers to target and steal information from unaware smart phone users, a report shows.
And internet security specialist AVG says the number of cyber assaults on those with smart phones is likely to soar this year as more people upgrade to the technology.
The AVG report highlights the risks of quick response codes, stolen digital certificates and rootkits - all of which hackers are targeting to covertly break into smart phones.
Michael McKinnon, AVG security adviser, said because many big-name brands were using QR codes as an additional marketing and information tool people were inherently trusting of them.
But he said a malicious QR code sticker on existing marketing material or replacing a website's bona fide QR code with a hacked one could trick many.
"We want to build awareness that while QR codes are very convenient, we are making it stupidly easy to infect these phones by having these codes with web addresses that can point to malicious software.
"The giveaways really come back to the URL, it is a two-step process. The first step is scanning the code and the next is then tapping on the URL to be directed to the website. You want to be careful that it's a web link that looks legitimate."
Mr McKinnon said because modern smart phones were, hardware-wise, the equivalent of desktop PCs of five years ago it was not surprising that sales of them had outstripped the sales of PCs in late 2010.
Smart phones such as those running Google's Android software have WiFi connectivity, integrated GPS, mobile broadband and are becoming increasingly mainstream among consumers.
The growth in sales of Android devices continued last year with 200 million sold worldwide by November - and more than half a million people activating a smart phone each day.
Mr McKinnon said this in turn was attracting cyber criminals who were making greater use of stolen digital certificates, which are used to verify the identity of the author of applications used on smart phones.
He said the issue was already a pressing one in the PC world where legitimate certificates were being illegally obtained by hackers who develop their own malicious applications for the smart phone market.
"These developers create variations of legitimate applications and embed some nasty stuff in them and sign them cryptographically so they look valid but they just send people to a link to download the rogue application," he said. "The person on the smart phone is none the wiser."
Mr McKinnon said that while applications similar to anti-virus software applications were available for smart phone users, some people were not taking the same precautions they would when downloading material from the internet on a PC.
"They're not considering there's that potential risk but luckily the majority of these people choose to download from the known, official marketplaces so the risk is quite low."
The report showed Facebook received the greatest volumes of spam which usually comes from the US, followed by the UK.
It also focuses on one of the latest rootkits - which allow hackers remote access to computers - called ZeroAccess.
The rootkit allows hackers to spy on users and is controlled from a remote server or to use the infected machine when and how they wish.
New technology a challenge for cyber police
QR codes
What are they?
Quick response codes are a unique two-dimensional bar code on the lower right of a sticker (known as a QR code) seen on many products, advertisements and other forms of marketing. They let customers - and potential customers - learn more about a business by visiting a mobile version of the business' website on any supported smart phone.
How do they work?
A smart phone scans the QR code with its camera either with a downloaded application or via software that's already installed.
After scanning the QR code the smart phone user is taken to a website.
Rootkits
What are they?
A rootkit is a piece of malware (malicious software) that allows root level access to a computer while hiding its presence from administrators.
It does this by subverting standard operating system functionality or other applications.
How do they work?
A cyber criminal installs a rootkit on a computer after first obtaining root-level access by exploiting a known vulnerability or by getting a password.
Once installed, it allows the cyber criminal to remotely mask the ongoing intrusion and maintain privileged access to the computer.

No comments:

Post a Comment