Archive for 'Security Alert Log'

50 Arrested Over Smartphone Spyware

Romanian authorities have arrested 50 individuals accused of using off-the-shelf software to monitor mobile phone communications of their spouses, competitors, and others, according to news reports.

The Romanian Directorate for Investigating Organized Crime and Terrorism also arrested Dan Nicolae Oproiu, a 30-year-old IT specialist who allegedly sold the spyware for as much as $580 over the internet. Officials claim his software was available for handsets running the iPhone, Blackberry, Symbian, and Windows Mobile operating systems, and came in Light, Pro, and Pro-X versions that offered varying levels of services.

Speculation is that Oproiu was reselling FlexiSPY, a package that’s long been marketed to people who want to catch cheating spouses, stop employee espionage, protect children, and bug meeting rooms. The Pro-X version allows a user to listen to calls in real-time, surreptitiously read SMS, call logs, and email, and convert the targeted phone into a remote bugging device that can secretly capture the sounds in its immediate vicinity.

Smartphone Apps Spying On You

I just came across an interesting article on the India Times web site titled “Smartphone apps are spying on you”. It goes on to explain that a cellphone security firm found many free applications downloaded and used on iPhones and phones running Android pulled sensitive information off the phone and sent the data to a third party.

Here is an excerpt from the article,

Lookout Inc, a cellphone security firm, scanned nearly 300,000 free applications for Apple Inc’s iPhone and phones built around Google Inc’s Android software. It found that many of them secretly pull sensitive data off phones and ship them off to third parties without notification.

The data can include full details about users’ contacts, their pictures, text messages and internet and search histories. The third parties can include advertisers and companies that analyze data on users. The information is used by companies to target ads and learn more about their users. The danger, though, is that the data become vulnerable to hacking and use in identity theft if the third party isn’t careful about securing the information.

Lookout found that nearly a quarter of the iPhone apps and almost half the Android apps contained software code that contained those capabilities.

Click here to read the article in full.

Nice Article: Dark Side Arises for Phone Apps

I have just read a very nice article on the Wall Street Journal’s web site titled “Dark Side Arises for Phone Apps”.

Here are a couple of paragraphs that really caught my attention,

In one incident, Google pulled dozens of unauthorized mobile-banking apps from its Android Market in December. The apps, priced at $1.50, were made by a developer named “09Droid” and claimed to offer access to accounts at many of the world’s banks. Google said it pulled the apps because they violated its trademark policy.

The apps were more useless than malicious, but could have been updated to capture customers’ banking credentials, said John Hering, chief executive of Lookout, a mobile security provider. “It is becoming easier for the bad guys to use the app stores,” Mr. Hering said.

“Mobile phones are a huge source of vulnerability,” said Gordon Snow, assistant director of the Federal Bureau of Investigation’s Cyber Division. “We are definitely seeing an increase in criminal activity.” The FBI’s Cyber Division recently began working on a number of cases based on tips about malicious programs in app stores, Mr. Snow said.

The cases involve apps designed to compromise banking on cellphones, as well as mobile “malware” used for espionage by foreign nations, said a person familiar with the matter. To protect its own operations, the FBI bars its employees from downloading apps on FBI-issued smartphones.

Click here to read the full article (it’s a good one) on the Wall Street Journal’s web site.

Cops Bust SMS Scam With Arrest of 26

Just read an article on thestar.com.my about a group scamming money via SMS.

In Kuala Lumpur, Malaysia, a notorious SMS scam syndicate that tricked victims into parting with their money by convincing them that they had won cash prizes has been busted with the arrest of 26 people.

This group is actually part of a SMS scam syndicate we busted last year in Tawau. Police also seized four laptops, 73 handphones, 41 account logbooks, ATM and credit cards and RM6,000 during the raid. Each laptop is able to send out up to 1,000 SMSes a day.

Click here to read the full article.

Trojan SymbOS/MerogoSMS Worms

Worms known as Trojan SymbOS/MerogoSMS are currently attempting to spread on Symbian Series 60 3rd Edition devices. Symbian is the most common smartphone operating system in use.

They spread by sending text messages to other phones. The SMS contains a variable message in Chinese with a link to a web site. If the link is followed, the user is prompted to install an application, thereby infecting the phone and restarting the whole process of propagation via SMS. These worms appear to have the capability of sending messages to expensive premium-rate numbers.

Here’s the Clever Bit

Because unsigned software cannot be directly installed on Symbian Series 60 3rd Edition devices by default, the installation package for this worm has indeed gone through the Symbian Signing process. According to sources, the packages were submitted using Symbian’s express signing mechanism. The signed installation files contain additional unsigned SISX files which the host installer deploys. This type of mechanism makes it hard for certification systems to get a complete understanding of what the program being signed really does.

Does Symbian Revoking the Publisher ID Fix the Problem for Everyone?

Symbian Foundation has revoked the publisher ID that was allocated for these packages. But does that automatically fix the problem? No. Another step is needed.

Usually S60 phones are not configured by default to check for certificate revocation. This is understandable. If hardware vendors configured phones to make data connections by default, it would create customer service nightmares for the carriers. Hardware vendors just can’t assume that customers will buy data plans, so the certificate check is off by default.

If you have an S60 phone and a data plan then you should adjust your Application Manager settings as shown below.

[Image: certificate-check]

Global Botnet Smashed

Following up on the article link we published a few days ago, “Three Spaniards Suspected Of Infecting 13 Million Computers Arrested In Spain”, here is a link to a follow-up article published on Australian IT.

Here is an excerpt from the follow up article,

SPANISH police said they had arrested three men suspected of building the world’s biggest network of virus-infected computers which hijacked more than 13 million PCs.

“This is the biggest network of zombie computers ever discovered,” the head of a Spanish police unit specialised in tech crimes, Jose Antonio Berrocal, told a Madrid news conference, using the term for PCs that can be controlled remotely by outsiders.

The “botnet” network was shut down at the end of December in a joint operation carried out by Spanish police, the FBI and two private information security firms, Canada’s Defence Intelligence and Spain’s Panda Security.

Spanish police said it was so big it could have been used to “carry out a cyberterrorism attack which would be much greater than those staged against Estonia or Georgia.”

Three Spaniards Suspected Of Infecting 13 Million Computers Arrested In Spain

According to an article published hours ago by CNN, Spanish authorities have arrested three Spaniards suspected of infecting 13 million computers with a program that would allow them to steal personal and financial data from around the world.

Story highlights from CNN,

  • Authorities arrest trio suspected of infecting 13 million computers
  • The virus allegedly infected computers in more than 190 countries
  • It installs a program that lets hackers steal personal, financial information
  • The three suspects were arrested last week

Click here to read the full article on CNN.com

Dennis Blair – Director of National Intelligence – Yesterday Before the US Senate

“Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication,” he told the committee.

There are growing concerns among American intelligence officials about the calamitous potential of a well-coordinated attack on the United States IT infrastructure. This type of attack could result in what is often referred to as a “cyber-Pearl Harbor.”

Mr Dennis Blair said that the recent increase in cyberattacks, citing the penetration of Google’s servers from within China, was a “wake-up call” for anyone wanting to diminish or dismiss the threat of computer warfare.

“Sensitive information is stolen daily from both government and private-sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey”.

Could 2010 be the Year Malware Goes Mobile?

Here’s an excerpt of a nice article published on the eWeek Security Watch web site theorising that 2010 may well be the year that mobile phones are targeted by malware.

Here is a brief excerpt from the article,

Experts Preach Careful Applications Usage for Mobile Security.

This shift will force handheld users to be far more selective about which programs they choose to run on their devices, experts including ESET’s Randy Abrams have observed.

“It looks like 2010 is going to be a pivotal year for mobile malware. We may not see a lot of it, but we are seeing a robust infrastructure reaching enough maturity to support wide scale attacks,” Abrams said in a recent blog post. “A stock Android will probably be relatively safe, but the applications you can choose to put on it may make it very unsafe.”

Click here to read the full article on the eWeek Security Watch web site

Tips For Dealing With Text Message (SMS) Spam

Text messages sent from companies trying to flog their services to you or trying to get you to call or text a premium service number are not just intensely annoying, they are spam.

Here are some ways that you can minimise your exposure to text message spam.

