This post will discuss about mobile security finally a serious problem that happen around us without we acknowledge. In the world of computers and communications, the more widely a technology is used, the more likely it is to become the target of hackers. Such is the case with mobile technology, particularly smartphones, which have exploded in popularity in recent years. According to market analysis 6.648 Billion (83.72% of the world’s population owning a smartphone). Many users download mobile applications with little regard to whether they’re secure, providing a ready way for hackers to attack the devices.
THREATS ON THE MOVE
Attackers form a botnet by infecting multiple machines with malware that victims generally acquire via e-mail attachments or from compromised applications or websites. The malware gives hackers remote control of the “zombie” devices, which can then be instructed to perform harmful acts in concert. The easiest way for an attacker to benefit from a mobile zombie network is to send SMS or multimedia message service (MMS) communications to a premium phone account that charges victims fees per message. The scammers act as the premium account owner’s affiliates, receiving some of the money that their attacks generate.
2. Malicious applications
In some cases, hackers have uploaded malicious programs or games to third-party smart phone application market places—such as those for Apple’s iPhone and Google’s Android devices—or have otherwise made them available on the Internet. Once on a handset, the programs steal personal information such as account passwords and logins and send it back to the hacker. They also open backdoor communication channels, install additional applications, and cause other problems.
3. Social networking
Malicious links on social networks can effectively spread malware. Participants tend to trust such networks and are thus willing to click on links that are on “friends’” social networking sites, even though—unknown to the victim—a hacker may have placed them there. Clicking on a link could download a malicious application on a victim’s computer. This could let a hacker place Trojans, spyware, and backdoors on the machine and even conduct identity or information theft.
Hackers can use spyware available online to hijack a phone, allowing them to hear calls, see text messages and e-mails, and even track a user’s location through GPS updates. Most commercial mobile spyware applications send an update of captured communications or location data to a website where the spy logs in to view the data. In some cases, SMS communications inform the spy that the system has obtained new data. The software can even create a hidden access point inside a mobile phone that lets a hacker turn on the device without it ringing.
Phishing poses the same risk on smartphones as it does on desktop platforms. In fact, many users trust their mobile device more than their computers and thus are more vulnerable to phishing. Mobile phishing is particularly tempting because wireless communications enable phishing not only via e-mail, as is the case with PCs. Social media phishing is becoming a major issue as social networking sites contain an increasing amount of personal information that phishers can use to make their attacks more effective
Wi-Fi Hackers can intercept communications between smartphones and Wi-Fi hotspots. If a user connects to a hotspot for the first time, the end to-end connection between the user’s device and the hotspot provider is not secured, so the hacker can intercept and control the user’s traffic. In this scenario, the hacker gets between the user and the hotspot provider and hijacks the session via a man-in-the-middle attack.
A hacker can also set up a peer to-peer network that mimics a Wi-Fi hotspot offering a high-quality connection, which entices users to connect. The hacker then intercepts victims’ transmissions without their knowledge.
Feel free to contact E-SPIN for mobile monitoring, and mobile security solution.
Original posted in 14-Nov-2017. Rewrite and up-to-date on 24-Jun-2022.
To know more about Mobile Security, please click on the link below.