Firm warns of hacker threat to mobile gadgets

Feb 29, 2012 by Glenn Chapman
Cyber security veterans behind startup CrowdStrike will demonstrate at the RSA conference on Wednesday that the types of attacks used against computers are heading for smartphones.

Cyber security veterans behind startup CrowdStrike will demonstrate at the RSA conference on Wednesday that the types of attacks used against computers are heading for smartphones.

Former McAfee George Kurtz and Dmitri Alperovitch, who has researched major cyberespionage operations, have figured out how to take over smartphones using booby-trapped text messages.

"The reality is that those attacks are probably already in the wild and no one has discovered them," Alperovitch, the author of reports on cyberespionage operations Aurora, Night Dragon, and Shady Rat, told AFP.

Hackers could send a worded like a warning from the that the account will be canceled if the smartphone user doesn't click an enclosed link to resolve the matter.

Clicking the link then triggers the installation of that lets a hacker control the smartphone remotely.

"We can monitor and record all calls, get all inbound and outbound SMS messages... basically take over the phone," Kurtz said.

"Imagine sitting in a board meeting and someone accesses your phone and listens remotely."

A hacker could even track a smartphone user's whereabouts using a handset's location-sensing capabilities.

Tricking to click on links or to open rigged email attachments has been a longtime technique used to infect computers.

When it comes to smartphones, experts have mainly focused on the potential for makers of "apps" to program in nefarious tasks such as stealing data.

"When we look around we see people worried about malicious apps," Kurtz said. "We think the real issue is in those phones."

Kurtz and Alperovitch have been operating freshly-launched CrowdStrike in "stealth mode," but it has gotten $26 million in backing from global Warburg Pincus.

Relentless waves of that appeared to be the work of states inspired the researchers come up with a different way of taking on the threat.

"Most companies are focused on detecting malware, and there are millions of pieces of that, with new ones coming all the time," Kurtz said.

"It really is akin to focusing on the bullets in the gun as opposed to the shooter... We think most companies have an adversary problem, not a malware problem."

CrowdStrike is building tools to figure out who is behind attacks, how they move after invading systems and what they are out to steal or accomplish, according to the researchers.

"You can't know how best to fight a war without knowing who the enemy is, and it is the same thing in cyber space," Alperovitch said, describing China and Russia as the most prominent threats.

CrowdStrike plans to have a security product to market in the second half of this year.

"At the end of the day it is another guy sitting at a keyboard somewhere going after your data," Alperovitch said. "You don't have a malware problem, you have a people problem."

Explore further: Android gains in US, basic phones almost extinct

add to favorites email to friend print save as pdf

Related Stories

Cyber-security expert finds new flaw in smartphones

Feb 24, 2012

Just as U.S. companies are coming to grips with threats to their computer networks emanating from cyber-spies based in China, a noted expert is highlighting what he says is an even more pernicious vulnerability in smartphones.

Smartphones under growing threat from hackers

Feb 17, 2010

Smartphones are under a growing menace from cyber-criminals seeking to hack into web-connected handsets, but the mobile industry has contained the threat so far, security experts said.

Malicious programmers focus on smartphones, tablets

May 04, 2011

Malicious programmers are always looking for new targets. While smartphones and tablets replace PCs as the gadgets we use for messaging, Web surfing and even doing business, some shady characters are starting to target these ...

Recommended for you

Android gains in US, basic phones almost extinct

Apr 18, 2014

The Google Android platform grabbed the majority of mobile phones in the US market in early 2014, as consumers all but abandoned non-smartphone handsets, a survey showed Friday.

Hackathon team's GoogolPlex gives Siri extra powers

Apr 17, 2014

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 0

More news stories

Making graphene in your kitchen

Graphene has been touted as a wonder material—the world's thinnest substance, but super-strong. Now scientists say it is so easy to make you could produce some in your kitchen.

Low tolerance for pain? The reason may be in your genes

Researchers may have identified key genes linked to why some people have a higher tolerance for pain than others, according to a study released today that will be presented at the American Academy of Neurology's 66th Annual ...

How to keep your fitness goals on track

(HealthDay)—The New Year's resolutions many made to get fit have stalled by now. And one expert thinks that's because many people set their goals too high.

Less-schooled whites lose longevity, study finds

Barbara Gentry slowly shifts her heavy frame out of a chair and uses a walker to move the dozen feet to a chair not far from the pool table at the Buford Senior Center. Her hair is white and a cough sometimes interrupts her ...