Home / News / Mobile Phone News / BBC Creates Smartphone Malware To Highlight Security Issues

BBC Creates Smartphone Malware To Highlight Security Issues

by

BBC Creates Smartphone Malware To Highlight Security Issues

The BBC has created a smartphone application loaded with malware in order to highlight the dangers that smartphone users face.

The BBC reporter claims that he put the application together himself, with some help, using off-the-shelf toolkits that are available online, despite having almost no previous programming experience. The app was a crude game of noughts and crosses, designed to mimic the types of applications that are frequently downloaded in smartphone app stores. However, under the hood it was stealing sensitive data and emailing it to an account that the reporter has set up.

The app used 250 lines of code of its 1,500 total to gather contacts, copy text messages, log the phones location, and send that information on. Even if this information did not contain financially sensitive data it would certainly breach a user’s privacy.

The head of the security firm that worked with the BBC on the project claimed that, in terms of security, smartphones are now at the point that PCs were in 1999.

The BBC claim that only recently, Apple and Google have removed applications from their stores due to malware fears. However, in 2009, only two apps posted to the Android store were removed due to their attempts to access user’s financial information, according to a report by Wired.

TrustedReviews did not receive a reply from Google in response to a request for more information regarding rogue apps, while Apple was unable to provide any further information.

It terms of practical advice the BBC quoted Nigel Stanley, a security analyst at Bloor Research, who warned that people should look at battery life as an indication that something amiss is going on.

"A very obvious tell-tale sign on the phone is all of a sudden your battery life is deteriorating," he said. "You wake up one morning and your battery has been drained then that might indicate that some of the data has been taken off your phone overnight." However, we imagine that most people would leave their phone plugged in at night to charge, which would negate this tell-tale sign somewhat.

More practically, smartphone owners were also advised to keep an eye on their bills for unauthorised numbers dialling out. We’d have to say, that we all should be doing that anyway.

It was recently revealed that the JailBreakMe app for iPhones takes advantage of an exploit in how the Safari Mobile browser uses PDF files, which could potentially be used to direct users to a website for nefarious purposes. However, jailbroken iPhone users can install an application that warns on any PDF access to protect against this, which ironically makes their iPhones more secure than non Jailbroken handsets.

Link: BBC

Den

August 10, 2010, 8:28 pm

Quote: "It terms of practical advice the BBC quoted Nigel Stanley, a security analyst at Bloor Research, who warned that people should look at battery life as an indication that something amiss is going on."





That is total garbage. The software only needs to send a small amount of data once. You will never notice it effecting you battery unless a reporter from the BBC with no programming experience wrote the app.

jingyeow

August 11, 2010, 12:06 am

Does anyone remember the bane of those dial-up automatic "dialler" viruses that would call a phone number using your net connection. Often being a premium rate number from which the recipient could then collect a fee from BT for.





I spent many a week in contact with OFCOM who were useless. The most their powers could do was "Warn" BT of the number, but unable to get your money back...





This was around 2001, I think the new decade we are about to enter is a repeat of problems we suffered on PCs 10 years ago. Soon there will be a Norton Antivirus for your iPhone...

kaworu1986

August 11, 2010, 2:37 pm

So why again are we being stripped of our admin rights on the hardware we purchased? Because this sure doesn't seem to be doing anything for security or preventing malware.

IPeeOnHackers

August 12, 2010, 9:24 pm

Sigh... we should legally be able to break the fingers of people caught making one of these "viruses". Our phones are finally able to start running some very cool and useful applications and now we are going to have to start having antivirus and anti malware programs that will bog down the processors, taking away the effiency of the phones capabilities.

comments powered by Disqus