Botnets are becoming the biggest threat and have reached every kind of system around the globe, even mobile devices. I don't think there is a person who has not been a victim of a botnet. Many people think that the operator is responsible for spamming their customers, but this is not true.
Security professionals always try to anticipate the damage before it happens and to solve serious issues; today hackers have changed their landscape to get more benefit from their cybercrimes.
The first important point to note is that modern phones have wireless adapters. This can keep them always online and vulnerable to such attacks. Here I want to list some technical characteristics that demonstrate the benefits of mobile-phone zombies compared to classical infected machines:
1. Fast IP-address changing.
2. Low connection speed.
3. Ability to receive commands from the GSM network without the Internet (SMS, etc.).
4. No Antivirus and Antispyware on the device.
5. No traffic control by the owner.
6. Personal data stored on the phone (credit card numbers, PINs, accounts, addresses, and so on).
7. Making calls and sending SMS.
8. Location on the map via GSM or GPS (if your phone has a controller).
9. Recorder (as a listening device).
As you can see, here are 9 features that can serve hackers perfectly in doing their job. And by the way, the list can be extended.
Now, what tactic do hackers use to build botnets?
Usually they start by scanning the network, searching for vulnerable hosts. Computers are identified by IP address, but the iPhone is identified by the IMEI, a unique code issued by the manufacturer. This code is also used to identify a stolen phone, so if you lose your phone the cellular operator can find it on the network using this ID. However, the same IMEI is used to identify the phone within the zombie network.
After the phone is identified, a Trojan has to be executed, through an infected website or some other way. This Trojan acts as a back door and opens a port on the local phone for connections, in order to get instructions from a remote host. From then on the phone acts as the attacker desires: sending spam for advertisement, changing the wallpaper, or listening to conversations. As long as there is no AV and no traffic control such as a firewall, this phone will remain part of the botnet.
Here is the first iPhone worm, discovered and reported today by Sophos.
The good news here is that this bot network is not very big, but we should be very careful about iPhone sources and what we install on the phone (games, applications…).