“China, wary of operating systems from the Western world, has built a new smartphone OS that it believes will be more secure than the likes of Android and the iPhone. While China claims it as its own, the OS looks like it’s based on Android.”
Recently a flaw was discovered governing the locking behavior in Android that would allow a malicious app to unlock a device regardless of your locking mechanism such as a Pin, Password, Gesture and the like.
In a blog post on the IT Security Blog the authors summarize the the problem is that how the class ChooseLockGeneric was developed allows for the bypassing of security confirmation so that:
“We can control the flow to reach the updatePreferencesOrFinish() method and see that IF we provide a Password Type the flow continues to updateUnlockMethodAndFinish(),” the author then goes on to write “Above we can see that IF the password is of type PASSWORD_QUALITY_UNSPECIFIED the code that gets executed and effectively unblocks the device.”
Having worked on a similar project this seems hard to understand why it would take so long to field a solution
DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis | USENIX
Interesting presentation and paper on DroidScode
Alcatel-Lucent reports rising cases of malware and breaches of cyber-security on broadband devices and smartphones
This seems to be a lot of stating the obvious but its still important to keep raising peoples awareness of the risk of smart phones. The speakers plan to show a application that can be injected into a Android phone and allow individuals to spy on it. This seems also old had since many such applications exist and Ordo13 members even presented working PoC’s and CERDEC in 2009 that also worked on other mobile platforms. Once again though such exercises help make users more aware.
Paris, July 23, 2013 – Alcatel-Lucent (Euronext Paris and NYSE: ALU) today released new data showing that security threats to fixed and mobile broadband networks are on the rise as global consumer usage continues to grow.
Figures for the second quarter of 2013 by Alcatel-Lucent’s Kindsight subsidiary have revealed an increase in malicious software or “malware” used by hackers to gain access to devices for corporate espionage, spying on individuals, theft of personal information, generating massive quantities of spam, denial of service attacks on business and governments and millions of Euros in fraudulent banking and advertising scams.
Due to the unique position of Alcatel-Lucent’s network security and analytic products within service provider networks, it can measure the impact of traffic types traversing the network, including malicious and cyber-security threats.
The latest Kindsight Security Labs Malware Quarterly Report found that 10% of home networks and over 0.5% of mobile devices were infected with malware, both increases from the previous quarter.
Other highlights of the report include:
6 percent of home networks exhibited high-level threats, such as ‘bots’, ‘rootkits’ and ‘Trojan’ banking viruses – all types of malware infecting computers, computer programs and applications running on computers.
The ZeroAccess botnet continues to be the most common malware threat, infecting 0.8 percent of broadband users.
In mobile networks, the vast majority of infected devices are either Android™ phones or Windows™ laptops tethered to a phone on connected directly through a mobile USB stick or MIFI hub.
Mobile malware continues to grow with a sixfold increase in the number of Android malware samples.
Malware and cybersecurity threats continue to be a growing problem for home networks and mobile devices, particularly for Android smartphones and tablets which are increasingly targeted,” said Kevin McNamee, security architect and director of Alcatel-Lucent’s Kindsight Security Labs. “Users often don’t take the appropriate security precautions for their mobile devices, and even when they do a malicious app can easily evade detection by device-based anti-virus.”
The report also includes the top 20 home network infections and Internet threats, as well as analysis of malware developments, including ZeroAccess, Alureon, the Zeus banking Trojan, Uapush, QDPlugin, and others.
The Kindsight Security Labs report also includes information on the rise of mobile spyware as a threat to the BYOD (bring your own device) trend in workplaces. To demonstrate how a smartphone can become a cyber-espionage device, McNamee said Kindsight has developed a proof-of-concept spy-phone software module that can be injected into just about any Android application. From a remote web based command center the attacker can:
• Track the phone’s location
• Download contact lists and personal information
• Intercept and send messages
• Record conversations
• Take pictures
Alcatel-Lucent will demonstrate the risks of a mobile spyphone at the Black Hat 2013 security event event in Las Vegas, July 27-August 1.
Most phones have some flaw that allows a bypass of the screen lock and Samsung is no exception.