Bugnets Could Spy on You via Mobile Devices

What About the App Store?

Even Apple's tightly controlled iPhone App Store could potentially house malicious apps or bugbots. At Black Hat DC 2010 (a security conference), Nicolas Seriot of the University of Applied Sciences Western Switzerland demonstrated how a malicious program could bypass the App Store's strict filters [PDF]. Seriot, an iPhone developer, suggested that someone with ill intentions could upload a version of his file to the App Store and infect many users' phones before Apple managed to pull it.

Seriot also challenged Apple's assertion that third-party apps on the device are sandboxed so that system files, resources, and the OS kernel are shielded from the user's application space. He showed the audience that a malicious third-party application--not even a rootkit--could provide remote access to the iPhone's contact list, image file, text messages, GPS data, and other vital information. So far, Apple has not directly responded to Seriot's research.

Taking Precautions

As the Rutgers study states, "the pervasive nature of smart phones and a large, unsophisticated user base also make smart phones particularly attractive to attackers." In general, you should be suspicious of phone downloads--even ringtones--as such files could harbor malware. But you also need security software for your phone, sooner rather than later. Fortunately, Eset, F-Secure, Kaspersky, McAfee, and Symantec (Norton) all offer tools that can protect against most mobile malware. And some phone vendors, such as Nokia, now preinstall antivirus on their handsets.

One startup is going a step beyond. In addition to blocking malware, Lookout, a mobile security tool that is free at this writing, offers a suite of defenses: a mobile firewall, mobile data backup (which allows you to return your phone to a preinfected state), and the ability to wipe a lost or stolen phone remotely.

For comprehensive coverage of the Android ecosystem, visit Greenbot.com.

Subscribe to the Best of TechHive Newsletter

Comments