Sunday, 30 October 2011

Spy Smartphone Software Tracks 'Every Move'

11:14am UK, Sunday October 30, 2011

Sam Kiley, security editor

As marketing pitches you don't get much lower: "Track every text, every call and every move your spouse makes…"

Yes, software manufacturers have harnessed the green-eyed monster.

"A cell phone plays a role in almost every affair," said one producer of mobile phone spyware.

Another spelled it out: "When you begin to notice signs of a cheating spouse, the best way to catch that cheat is to spy on his or her cell phone using spy software.

"Such software is required because the cell phone has become the modern day keeper of secrets and its uses are as versatile and diverse as their makes and models."

But it is not just for jealous partners.

There is no way that a victim would know his phone had been comprehensively hacked.

Jason Hart, cyber security expert

Software designed to completely mine every secret on a smartphone can track its users, record their calls, copy their emails, read their text messages and bug the rooms the phones are sitting in.

Jason Hart, a cyber security expert with Cryptocard, explained how easy it is to turn a mobile phone into a pocket spy.

It starts with a little 'social engineering'.

By hacking the phone of someone the victim might trust, and learning something about them from reading their Tweets and Facebook page, the attacker will send a personalised email from a known account.

The user opens an email and a document, a picture, letter or pdf file.

A programme can be embedded in the attached document which takes the hacked user's phone off to a secret website site which covertly downloads spying software onto the smartphone.

Shortened weblinks are also a risk.

"Using Facebook and Twitter (and) getting an individual to click on a shortened link would actually take them to a website and automatically install malware," said Mr Hart.

"There is no way that a victim would know his phone had been comprehensively hacked."

Smartphone spyware ad

Spyware 'can covertly operate all of a smartphone's functions from afar'

Attacks on smartphones shot up by 46% last year, and this year the percentage is likely to be in the thousands.

We loaded the commercial software onto my phone and very quickly Mr Hart was watching my emails come through.

The vendors of the software promised that he would be able to intercept and listen to my calls - we could not get that to work. But, as a bug, my phone was close to perfect.

The software meant Mr Hart could dial into my phone and it would secretly answer - broadcasting any conversation I was having near the handset back to him.

"Once a criminal or spy has got hold of software like this and loaded it onto your phone, there is very little indeed that you will be able to do either to detect or, or defend yourself. This is a total compromise," Mr Hart said.

Spyware can covertly operate all of a smartphone's functions from afar, turning it on and off, and stealing its secret contents.

Almost 500,000 new smartphones will be sold this year around the world.

Malware developers are running ahead of the industry's ability to develop tools which, in any case, would inevitably restrict how useful smartphones can be to a customer.

But, as losses to intellectual property theft are estimated to cost the UK £17bn a year, it is clear companies will be demanding an air gap between smartphones used for business - and smartphones used for everything else.

So, for the skiving worker, the truant teenager and the faithless spouse, there can only be a few words of advice - that phone isn't smart, it's a sneak.


Copyright 2009 Jason Hart. Powered by Blogger Blogger Templates create by Deluxe Templates. WP by Masterplan