Home > Uncategorized > Smartphones, the next targets of hackers- says experts

Smartphones, the next targets of hackers- says experts

Smartphones will the next target for the hackers- security specialists and hackers who flocked to Las Vegas last week for back-to-back Def Con and Black Hat conferences have mentioned. The popularity of smartphones is catching up fast, the sales is increasing – recently a survey in US, India and the IDC report suggests. people are more and more using their devices to connect to net, and are in the process storing heir passwords and other information on their smartphones, making it a point of interest for a hacker.

“We are entering a post-PC (personal computer) exploitation world,” said researcher Stephen Ridley of Xipiter, where his team uncovered that the same types of attacks that plague desktop computers can be turned on mobile gadgets.

Along with contact information for friends and logs of activities such as Internet surfing, smartphones typically have location-sensing capabilities that track where they have been. Using smartphones as “wallets” will be common within a decade, largely replacing cash and credit cards, according to a Pew Research survey released in April. Sixty-five percent of technology stakeholders and critics’ who responded to an opt-in poll by Pew Research and Elon University Imagining the Internet Center agreed that handheld gadgets would be a mainstream way to pay by the year 2020.

Google last year launched a Wallet service that lets sophisticated Android-powered mobile phones be used to “tap and pay” for purchases at shops.

“I think phones are going to be the only thing people are interested in popping in the next five years or so,” he concluded, saying hacker attention is shifting to the always-on, personal data-rich devices in people’s pockets.

Blackwing Intelligence security researcher Eddie Lee showed Def Con attendees how to how to use an Android-powered smartphone to pick up the data from a credit card and then used the swiped information for digital wallet purchases. “You can start spending on someone’s credit card; basically you can use it the way you use Google Wallet,” he said  while demonstrating his technique for a packed room of hackers. “We’ve know for a long time you can skim RFID [radio frequency indentification] credit cards,” he said. “This lets you abuse that information and spend on those cards. Maybe this will give the credit card companies an incentive to fix the things in my wallet.” He theorised that the tactic could work on other cards, such as those for metro system fares or building access.

Accuvant computer security firm consultant and former National Security Agency analyst Charlie Miller showed Def Con attendees a way to slip into smartphones by getting a sensor close enough to read signals from NFC [near field communication] chips. In some cases, it is even possible to take over control of a phone via NFC – stealing photos and contact lists, and sending text messages or make phone calls, according to Miller’s presentation.“You’re supposed to be paying for stuff and scanning movie posters with your smartphone, but be aware that this is another way that bad guys can attack your phone,” Mr Miller told AFP.

He showed that if he could briefly get an antennae device easily concealed in a sticker near enough to a phone at an opportune moment, it can open a virtual door that a hacker could slip in through. He contended it would be simple to discreetly affix an innocuous-looking sticker near a digital wallet touchpad at a store checkout counter and then linger nearby and hack phones of buyers. “It will pair with my machine and I can control the phone,” Mr Miller said.

“A bad guy can use that moment of talking to your phone to steal data,” he continued. “NFC is cool, convenient and fun; I’m just trying to say let’s pay attention to the security implications.” NFC or RFID technology used to share data with nearby sensors is used in smartphones, credit cards, and even passports.

(Source: theaustralian.com.au)

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s