Category Archives: Mobile OS

Mobile Malware to Rise in 2013

The Cybersecurity company Eset predicts Android infections will grow next year, as more people use their smartphones for banking.

“We see as the main trend for 2013 an exponential growth of mobile malware,” cyber security software maker Eset predicts this week in its 2013 trends report (PDF).

Driving the interest of cybercriminals in the mobile market, Eset says, is the rapid adoption of smartphones, particularly those running Android, and the increased use of the devices for monetary transactions.

The volume of malware designed for mobile devices is a direct response to the speed at which the technology is being adopted, according to Eset’s report. “If the market grows and technology is enhanced, then as long as users who use these devices to store an increasing amount of sensitive information do not adopt the necessary measures, it is logical to expect cybercriminals to create computer threats to profit from this situation.”

Eset researchers also observe, “There is a direct parallel here to what has happened with personal computers, but at a much slower pace over a much longer period.”

The report notes that Android now has more than 64 percent of the smartphone market, compared to 43 percent in 2011. “As Android’s market share rises and people use it more and more to store personal and corporate information, or for online banking or related services, cyber criminals will develop more malware to steal information, thus gaining illicit revenue.”

The researchers predict that next year, 530 million people will access banking services from their smartphones; it’s a 76 percent jump from 2011, when only 300 million people banked on their mobile phones.

Eset notes that Android malware typically contains one of three malicious payloads. A large number of malware programs (40 percent) clandestinely subscribed their victims to premium SMS services. About a third (32 percent) of bad apps turned the devices they infect into zombies, which can be controlled by an ether thief. More than a quarter (28 percent) of malicious apps steal information from a phone.

Spreading pernicious payloads through infected websites will also continue to grow in 2013, Eset forecasts.

A factor contributing to increased interest in poisoned websites to spread malware has been the decline of “thumb” flash drives as popular infection vehicles for cybercriminals.

The introduction of the first commercial version of Windows XP in 2001 and the massive uptake of removable storage devices marked the beginning of the era of worms that spread through those media by exploiting a Windows XP design vulnerability called Autorun, the report explained.

“Given that this problem was solved in 2009 and that users have migrated towards new versions of Microsoft Windows, the number of malicious programs still using this technique has diminished in the past few years,” Eset notes.

“Though there is no shortage of malware that includes it on the off chance of finding an unpatched system,” it adds.

Eset outlined in its report how Web miscreants proliferate their malicious wares through infected websites:

    • First, an existing vulnerability is exploited in a web server and malicious code is injected into the site.

    • Then, targets are steered to the infected site throughA hyperlinks sent to a list of users through email, social networks, or any other means.

    • When the target visits the site, the malware is downloaded to their computer or smartphone, where it performs its pernicious actions.

According to Eset’s report, “Malware targeting Android will not only keep on rising at a considerable rate, but also will continue to evolve until they are very similar in capability to their peers in the world of more traditional computers.”

Japanese Android Developers Arrested for Infecting 270,000 Phones With Malware

Today Japanese police arrested five Android developers for embedding a virus into their Android apps.

It is well known that there are plenty of ‘High-Risk’ applications in the Google Play store as well as on third party Android marketplaces. According to Japanese police they initially suspected only 90,000 infections from these apps, but they found that these guys collected 10 million separate pieces of information from their series of apps. According to Google Play, some apps have been downloaded 270,000 times.

The developers technique to get people to download their virus-ridden software was they simply took names of popular games, and added “The Movie” to the end. So,  for instance, “Angry Birds: The Movie.”.

Just another case of Android malware and viruses being distributed on Android devices. Hopefully the new ‘Bulit-in Malware App Scanner’ introduced in Android’s latest OS will help to fix this problem.

More Than 290,000 Google Play Android Apps Labeled as ‘High-Risk’

According to new research done by Bit9, One-quarter of more than 400,000 Android apps examined in the Google Play store pose security risks to mobile-device users.

Security vendor Bit9 categorized these Android apps as “questionable” or “suspicious” because they could gain access to personal information to collect GPS data, phone calls or phone numbers and much more after the user granted “permission” to the app. “You have to say ‘yes’ to the application or it won’t run,” pointed out Harry Sverdlove, Bit9 CTO.

Bit9 claims that games, entertainment and wallpaper apps especially seem to want to grab users data, even though their functions would seem to have little direct use for that data. Bit9 notes this doesn’t mean these apps are malware per se, but they could do damage if compromised because the user has granted so much permission.

Bit9 is now compiling a “reputation” database of Android apps, according to Sverdlove. The firm is also going to move on to other app stores, including those from Apple and Amazon, in order to create mobile security products that can protect users based on risk-scoring of apps. 

Bit9 categorized these “questionable” and “suspicious” apps it found in Google Play below:

    • 42% access GPS location data, and these include wallpapers, games and utilities

    • 31% access phone calls or phone numbers

    • 26% access personal data, such as contacts and email

    • 9% use permissions that can cost the user money

Bit9 looked through Google Play to collect detailed information about 412,000 mobile apps, including publisher, popularity, user rating, category, number of downloads, requested permissions and price.

Of the 412,222 Android apps evaluated from Google Play, Bit9 says more than 290,000 of them access at least one high-risk permission, 86,000 access five or more and 8,000 apps access 10 or more permissions “flagged as potentially dangerous.” The report defined risk level according to relative degrees of privacy intrusion and the app’s feature set.

The study also included a survey of 138 IT professionals responsible for mobile security for over 400,000 users in their organizations. Below are the results:

    • 78% think phone makers do not focus enough on security, but 71% allow employee-owned devices to access their organization’s network.

    • Only 24% deploy some form of app monitoring or control to grant visibility into employees’ devices.

    • 96% allowing personal devices also allow employees to access email using the device, while 85% allow access to company calendar data.

    • 84% feel Apple iOS is “more secure” than Android and 93% of respondents allow iOS to access their network. Only 77% allow Android devices, and in something of a surprise, 13% say they allow rooted Android or “jailbroken” iPhone devices onto their networks.

Source: Network World

Android Apps Expose Personal Data Because of Flaws in SSL Implementations

German researchers analyzed a sample of 13,000 Android applications and found that more than 1,000 contained serious flaws in their SSL implementations.

The researchers from Leibniz University in Hannover and Philipps University of Marburg published this paper (PDF), showing their findings. They found that 17 percent of the SSL-using apps in their sample suffered from implementations that potentially made them vulnerable to man-in-the-middle MITM attacks.

The researchers claim they were “able to capture credentials from American Express, Diners Club PayPal, bank accounts, Facebook, Twitter, Google, Yahoo, Microsoft Live ID, Box, WordPress, remote control servers, arbitrary e-mail accounts, and IBM Sametime”.

In addition, since virus software also uses SSL, “We were able to inject virus signatures into an anti-virus app to detect arbitrary apps as a virus or disable virus detection completely.”

This issue has come about because of developers misusing the SSL settings the Android API offers.

Examples given by the researchers including apps that are instructed to trust all certificates presented to them. (There were 21 of 100 apps selected for a MITM test) of that 20 of the MITM-tested apps were configured to accepts certificates regardless of its associated hostname (for example, an app connecting to PayPal would accept a certificate from another domain). Other issues included SSL stripping and “lazy” SSL implementations by developers.

The researchers also noted that a number of apps provided insufficient feedback to users, for example, failing to tell the user whether or not it was using SSL to transmit user credentials.

Google Wins ‘Face-to-Unlock’ for Multiple Users Patent

Google has won a patent that will enable a user to unlock their device by pointing their face at the built-in camera, also allowing the user access to their personal profile. This “face-to-unlock” patent lets multiple users share one “computing device.”

This technology would be great on Android devices, and would be cool to see along with the support for multiple users on Android devices.

Google has recently won a few pretty cool patents that will probably be used in Android devices before too long. Read about the “Seeing With Your Hand Patent” that Google was recently granted and the “Patent for Eye Tracking-Based Unlock System”.

Eye Tracking-Based Unlock System

Eye Tracking-Based Unlock System

Android-Powered Nexus One & Nexus S to Command Small Scale Spacecraft

NASA’s Research Center, Ames, is working on a new project designed to lower the cost of launching and operating small satellites. These specific satellites are Low Earth Orbit (LEO). This will use the Android-powered phones the Nexus One and the Nexus S to command the spacecraft.

The project is know as PhoneSat, and it will launch two different satellites into LEO orbit, both with different goals.

First there is PhoneSat 1.0 and it is based on the Nexus One. The one and only primary goal for PhoneSat 1.0 is to stay alive, meaning it is designed to test if the smartphone can operate for a reasonable amount of time while in space. The Nexus One is to use it’s camera to take pictures and send them back to Earth with other general information about the spacecraft. There will be an external radio beacon in place to indicate the satellite itself is ok and intact. This also is because if the signal is being received from the beacon and no signal is being received from the Nexus, then the problem is with the Nexus and not the spacecraft, there is also an external device that monitors the Nexus One and reboots it if the flow of data stops.

Google Nexus One

Google Nexus One

Second there is PhoneSat 2.0 which will be based on the Nexus S. Phone 2.0 will also feature additional hardware over PhoneSat 1.0. It will have solar panels so it will operates for a longer period of time, and scientist will be able to send commands to PhoneSat 2.0 because it has a two way radio. The last feature is PhoneSat 2.0 will have magnetorquer coils and reactions wheels, these are devices that will allow the satellite to orient itself and maintain proper position using electricity from the solar panels.

Google Nexus S

Google Nexus S

PhoneSat is part of a larger NASA program, the Small Spacecraft Technology Program, which has a goal to leverage the incredible technological advances in consumer technology to create cheaper spacecraft.

According to Ames engineer Chris Boshuizen “Your cellphone is really a $500 robot in your pocket that can’t get around. A lot of the real innovation now happens in entertainment and cellphone technology, and NASA should be going forward with their stuff.”

The hardware that these devices contain does make sense why they are perfect for this kind of project. They have GPS, cameras, compass, gyroscope, microphone and so on. To save weight the screens and cases will be removed and the batteries replaced with something more powerful and designed for the adventures.

Another reason why this makes sense to use Google’s Android OS is because it is open source and can be configured however NASA desires. NASA can modify the source code of the OS they want on the devices and then flash it to their satellite.

In 2010 a group of engineers put two Nexus One devices into high altitude rockets to see if they could handle the extreme forces of launching. One of the Nexus One devices was destroyed when its parachute did not deploy, but the other Nexus One landed and was in perfect working condition. Both devices recorded data during the entire ride.

Watch this Youtube Video Here

Severe Security Flaw in iOS Exposed

Security researcher and iOS hacker pod2g has found and detailed a flaw in iOS that is considered “severe”, though it does not involve code execution.

According to pod2g “The flaw exists since the beginning of the implementation of SMS in the iPhone, and is still there in iOS 6 beta 4.”

The flaw is found in the SMS messaging on iOS devices. The SMS text is a few bytes of data exchanged between two mobile phones, with the carrier transporting the information. The text is converted to PDU (Protocol Description Unit) by the mobile device and sent through then passed to the baseband for delivery.

PDU handles the sending and receiving of various types of messages in mobile devices. Included in the message header there are various pieces of information about the message, including the details of the message sender. This feature is commonly used for automated messages from companies and carriers. And since carriers don’t check for the validity of this information when used by third-parties it can be exploited.

Because iOS does not allow you to view the number that you’re replying to this enables a malicious sender to fake his identity, making you think that a trusted number is sending the SMS. Because the “reply-to” number is different to the number displayed, iOS would send your message to a hidden number without you realizing.

According to pod2g, he believes the following is why this flaw is an issue:

    • Pirates could send a message that seems to come from the bank of the receiver asking for some private information, or inviting them to go to a dedicated website. [Phishing]
    • One could send a spoofed message to your device and use it as a false evidence.

Source: pod2g’s iOS Blog

RIM Awarded Patent for BlackBerry 10 Keyboard

RIM has been awarded the patent for the “handheld electronic device with text disambiguation.” This is the BlackBerry 10 keyboard that has been shown off by RIM since BlackBerry World 2012. We have already seen an iOS version for jailbroken iPhones but it looks like we won’t be seeing this technology on any other devices, which I think is really beneficial for RIM.

This is how RIM describes this keyboard:

A handheld electronic device includes a reduced QWERTY keyboard and is enabled with disambiguation software. The device provides output in the form of a default output and a number of variants. The output is based largely upon the frequency, i.e., the likelihood that a user intended a particular output, but various features of the device provide additional variants that are not based solely on frequency and rather are provided by various logic structures resident on the device. The device enables editing during text entry and also provides a learning function that allows the disambiguation function to adapt to provide a customized experience for the user. The disambiguation function can be selectively disabled and an alternate keystroke interpretation system provided. Additionally, the device can facilitate the selection of variants by displaying a graphic of a special key of the keypad that enables a user to progressively select variants generally without changing the position of the user’s hands on the device.

Source via: USPTO and Engadget

What I want most from BlackBerry 10

I have officially decided what I want to see come with BlackBerry 10 more than anything. What I really hope is that when BlackBerry 10 devices are released that they no longer lock up and are unusable for 1 to 2 minutes with the Track Pad (or Hour Glass) on the screen just frozen with nothing you can do but pull the battery or wait for it to unfreeze. This has been such an annoyance to me for as long as I can remember and my Bold 9900 has been getting progressively worse the past couple days leading me to think it is time again for another complete device wipe, which I really wish wasn’t the case.

This is no huge deal and I’m not going to leave BlackBerry because of it or anything, but it would really be wonderful if I was able to get through the entire day using my BlackBerry and completely flowing through all my apps and getting stuff done with none of these annoying hiccups on my device.

First look at the BlackBerry ‘London’

This is a picture that is hopefully what we are going to see with the first BlackBerry 10 device, though it may not be the first to be released it is the first look at what we might see coming from RIM in 2012. Although it looks different from that of the first leaked images of the BB10 ‘London’ I really like the look of this device and I know a lot of people will be attracted to this form factor and the supposed specs this device might have, like a 1.5Ghz dual core processor, according to CrackBerry possibly TI OMAP5 and Qualcomm chipsets are being tested.

Hopefully this is a device that we will see before too long and this is a device I believe is going to really boost the future of BlackBerry in the mobile market and will attract a lot of old and new consumers back to BlackBerry.

Source: CrackBerry