iPhone Next up for Hackers

apple_iphone_logoBotnets is becoming the biggest threat and arrived to all system in the globe even mobile devices, I don’t think that there is a person have not been a victim to Botnet, there is many people thinks that the operator is responsible of spamming their customers but this is not true.

Security professionals are always expecting the damage before it happens and try to solve the serious issue; today hackers have changed their landscape to get more benefit from there Cybercrimes.

The first important point to note that modern phones have wireless adapters. This can make them always online and vulnerable to such attack. Here I wanted to list some technical specification to demonstrate the benefits from implementing mobile-phone zombies comparing to classical infected machines:

1. Fast IP-address changing.
2. Low connection speed.
3. Ability to receive commands from the GSM network without the Internet (SMS..).
4. No Antivirus and Antispyware on the device.
5. No traffic control by the owner.
6. Storing personal data in the phone (credit card numbers, PINs, accounts, addresses, and so on.).
7. Calls and sending SMS.
8. Locator on the map GSM or GPS (if your phone has a controller).
9. Recorder (as a listening device).

As you can see here are 9 features that can serve Hackers perfectly to do their job. And by the way the list can be extended.

Now what is the tactic that hackers perform to implement botnets?

Usually they start by scanning the network searching for vulnerable hosts. The computers are identified by IP address but for the iphone it is identified by the IMEI a unique code issued by the manufacture. This code is also used to identify a stolen phone so if you lost your phone the Cellular operator can find it on the network using this ID. However the same IMEI are used for identifying the phone for the Zombies network.

After identifying the phone a Trojan should be executed by an infected website or any other way and this Trojan acts as a back door and opens a port on the local phone for connections. To get the instruction from a remote host and here the phone will act as the attacker desire sending spam for advertisement changing the wallpaper or Listening to the conversations. While there is no AV and no traffic control as a firewall… this phone will remain part of botnet.
Here is the First iPhone worm discovered and reported today by sophos.

The good news here is that this Bot network is not very big but we should be very careful about the iPhone sources and what we install on it (games, applications…).

make sure you subscribe to my RSS feed!

Share
Subscribe
Notify of
guest
11 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback

[…] This post was mentioned on Twitter by Mourad ben lakhoua and Mourad Ben Lakhoua, Seeb. Seeb said: RT @MBenLakhoua: iPhone Next up for Hackers http://bit.ly/1Rtzv7 (via @sectechno) #Botnet #security […]

trackback

iPhone Next up for Hackers (via @sectechno) http://bit.ly/UnUgZ #iphone #security

trackback

@bkcloud18: 역시Many Thanks for the RT 공부해야 할까… RT @Sectechno iPhone Next up for Hackers http://bit.ly/1hiQ0s

trackback

역시 앞으론 모발보안을 공부해야 할까… RT @Sectechno iPhone Next up for Hackers http://bit.ly/1hiQ0s

trackback

Many Thanks for RT @technicalworld: RT @Sectechno iPhone Next up for Hackers http://bit.ly/1hiQ0s

trackback

RT: @Beyondsecurity_ RT @MBenLakhoua: RT @technicalworld: RT @Sectechno iPhone Next up for Hackers http://bit.ly/1hiQ0s #security #iPhone

trackback

RT @MBenLakhoua: RT @technicalworld: RT @Sectechno iPhone Next up for Hackers http://bit.ly/1hiQ0s #security #iPhone

trackback

RT @MBenLakhoua: RT @technicalworld: RT @Sectechno iPhone Next up for Hackers http://bit.ly/1hiQ0s #security #iPhone

trackback

RT @technicalworld: RT @Sectechno iPhone Next up for Hackers http://bit.ly/1hiQ0s

trackback

@cautionsign: Many Thx for RT @sectechno: @da_BiGKahuna: Many Thanks for RT @securitypro2009 iPhone Next up for Hackers http://bit.ly/UnUgZ

trackback

RT @sectechno: @da_BiGKahuna: Many Thanks for RT @securitypro2009 iPhone Next up for Hackers | SecTechno http://bit.ly/UnUgZ