October 6, 2013 weblog
Phone charger can place user on malware alert
(Phys.org) —More smartphones, more smartphone apps, and more busy smartphone users downloading apps have become attractive magnets for malware agents. A new category has grown up, not just general malware software but "mobile malware" and it continues to grow. Users have their own headaches when victimized and so do businesses. A sobering example of mobile malware surfaced this year at the Black Hat security event in August, where a Georgia Institute of Technology team showed how iPhones could be compromised with a charger, performing actions such as adding apps on the device without the user's permission. Interestingly, if that put a whammy into people's emotional feelings about phone chargers as a necessary evil, they may soon find themselves switching views in seeing chargers as a saving grace.
A Virginia-based company, Kaprica Security, is set to introduce a smartphone scanner in the form of, all things, a charger. Skorpion, as the charger is named, will provide relatively easy protection because the device will scan for malware while the phone is powering up. The setup is no more complicated than plugging in Skorpion and plugging the phone into the charger. In doing so, Skorpion will scan for malware, viruses and malicious rootkits, The process consists of three basic parts, quick scan, deep scan, and a report of the results via the company's web interface.
The company has a slogan of "Being secure is as easy as charging your phone." The product differentiation lies in the fact that it is physically separate from your smartphone, to raise the level of protection. The user gets to inspect the phone without having to rely on the phone for malware detection. Apps for catching malware may not succeed in identify the types that sit silently without the user aware that anything unusual is going on.
With Skorpion, if malicious behavior is identified, the charger lights up with a red LED alert while its green light means no problems have been found. The company's web interface identifies and reports on any malicious content and how "clean" the mobile device is. The interface keeps up with stats guides on what actions to take if the phone is compromised. Scan results can be shared with the user's company IT department.
According to a report in MIT Technology Review, Kaprica's Skorpion will be co-branded with Belkin and will sell this year or early 2014. The charger will sell to enterprise customers for about $65. Customers paying monthly subscription fees of $3 to $4 will receive added features. Kaprica CEO Doug Britton was formerly a manager at Lockheed and focused on cyber-security research.
© 2013 Phys.org