Skip to main content
  1. Tech
  2. Gadgets & Tech
  3. Internet

Mobile phone hacking: proactive and reactive responses

See also

Mallorie’s Android phone was acting odd, like it was possessed. The thing had a mind of its own, sending garbled texts and gambling. Ghost? Or hacked?

Mallorie locked down the phone when it was charging so it wouldn’t purchase poker chips. One day she forgot to lock it and it went on a shopping binge. Packages began appearing at her doorstep.

Obviously, someone had access to her credit card. But how? And what could poor Mallorie do to disable this thief?

Millions of mobile devices get infected. But police officers won’t bother with this. Mallorie cancelled her credit card and deleted the “possessed” apps. Then she crossed her fingers.

How do mobile phones get attacked?

A study showed that 86 percent of Android malware employs “repackaging.” Here’s how it’s done:

  • Download an application
  • Decompile it.
  • Add malware.
  • Recompile the app.
  • Submit it back into public circulation—after changing its name.
  • Someone else downloads this changed-name application, and the malicious payload infects their device.
  • A repackaging variation, “updating,” involves adding a code that will tag a malicious payload at a later date.

How can you tell your mobile has been infected?

  • It begins behaving oddly. Something is off—sometimes slightly, sometimes blatantly, such as the device is sending your address book to a foreign IP address. Hook your mobile to a WiFi and see where it sends information to.
  • Unfamiliar charges on the bill. Malware on a phone will produce unauthorized charges. The device is hooked to an accounting mechanism, making it a snap for thieves to send premium SMS text messages or make in-app purchases—which cost you money.

How can you protect your mobile?

  • Keep its software up to date: easy to do on iOS but difficult on Android.
  • Some phones cannot be updated; these phones have OS vulnerabilities within them, making them open to attack. Users end up downloading malware which uses this OS vulnerability to infect the device.

Android vs. iOS for security

  • iOS beats Android for security against malware.
  • Apple placed restrictions on application functionality (e.g., premium SMS messages can’t be sent), which is why Android isn’t as secure against malware as is iOS.
  • Another reason: Android’s app review process is not top-notch at screening out bad applications (but it’s improving).
  • Both Android and iOS allow your personal data to leak out to ad networks. This isn’t considered malicious since a user may wish this to occur.

Scope of Problem

  • The verdict isn’t quite out on this.
  • Some say the problem is limited just to third-party app sellers and this can be avoided by going to iOS’s or Google Play’s app store.
  • Others believe everybody has a compromised application on their mobile.
  • More research is warranted to define scope of problem.

Who should protect the user?

  • The app maker? The carrier? Or the operating system provider?
  • Nobody has taken this responsibility currently. It’s kind of like a “that’s not my problem you downloaded a malicious app that we didn’t write,” or, “You wanted it; I only delivered it—not my problem.”
  • The buck is passed because user protection is expensive.

Solutions?

  • It would be great if the app store could provide very in-depth screening for all the types of malicious actions that apps can perform.
  • The caveat: This isn’t in the platform provider’s best interest because they want their store to carry a lot of applications.
  • Stores want more and more apps, and better ones, and don’t want anything to slow that process down.
  • Data can be secured when you communicate via a wireless network with a VPN like Hotspot Shield VPN. All web transactions can be secured via https.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

Advertisement

Don't Miss

  • The Crew
    'The Crew' exclusive: New details on racing types, open-world, seamlessness and more
    Games Exclusive
  • Amazon Prime
    Find out how you can share your Amazon Prime membership benefits with others
    Video
    Tech Tips
  • DayZ
    How 'DayZ' may be in trouble from Sony's newly announced 'H1Z1'
    Camera
    Games Feature
  • Facial recognition
    See how the FBI's facial recognition database is continuing to grow
    Headlines
  • Upcoming
    These are 2014's biggest PS4, Xbox One and Wii U games
    Camera
    Games Feature
  • Selfie
    A new automated mirror will take selfies and post them to social media for you
    Video
    Tech News

User login

Log in
Sign in with your email and password. Or reset your password.
Write for us
Interested in becoming an Examiner and sharing your experience and passion? We're always looking for quality writers. Find out more about Examiner.com and apply today!