The Hacker News Logo
Subscribe to Newsletter

Hackers learning new ways to hijack smartphones !

How safe is your cell phone? Thieves are coming up with new ways to hijack the most popular smartphones. ABC Action News investigative reporter Michael George enlisted the help of a hacking expert to find out how these programs work, and how to beat them.

Droids, iPhones, and BlackBerries are just the tip of the iceberg when it comes to smartphones. The phones are wildly popular right now. USF student Marilyn Rodriguez says her whole life is on her phone.

“I love my phone. It gets me through classes. I keep track of my schedule, my homework assignments,” she said.

More and more consumers are using their phones for things they used to do on their home computers. That includes tasks that require private, financial information, like online banking and shopping. The problem is, hackers are starting to figure this out, too.

Stratum Security consultant Justin Morehouse is an expert in the methods used by hackers and identity thieves. It’s his job to anticipate what the bad guys will try next. Morehouse says their next target will be your cell phone.

“That’s absolutely going to happen on smartphones and it is starting to happen on smartphones,” Morehouse said.

Morehouse says it's not a big issue yet, but it will be in 2011 and the coming years because phones have a treasure trove of personal information that is, for the most part, unprotected.

Morehouse demonstrated for ABC Action News just how easy it is to hijack a smartphone. Using his home computer to write a program, it took just a few hours to set a trap for a Droid phone. The victim gets a text message that reads something like, “Check out this link!” As soon as the victim clicks on the link, the hacker is in.

Within seconds, Morehouse had complete access to the Droid phone from his home computer. He could tinker with any application or program on the phone without the user’s awareness.

“First, I’d probably just pull down any passwords you have stored in there. If you had any online banking apps, I’d pull that information down as well. Then, just maybe for fun, I’d go in there and get your pictures, see if you had anything funny,” Morehouse said.

Morehouse said a hacker didn’t need to specifically target you to steal your identity. The attacker could easily send out a mass text message to thousands of numbers, and steal the personal info of any of them who unknowingly clicked on the link.

While antivirus and antispyware programs are now common on home computers, hardly anyone has those programs on their cell phones.

“That’s terrifying. I check my bank account, like, at least 10 times a day, and it’s always right there in my phone,” Rodriguez said.

Fortunately, there are a few things you can do to stay one step ahead of the hackers.

Morehouse said no phone is 100% secure, but many consumers make their phone more vulnerable to hackers by “jailbreaking” or “rooting” their phone. If you decide to modify your phone, understand that there could be consequences.

Morehouse also suggests you only install applications from trusted sources, like Apple’s AppStore or Google’s Android Market. Review the permissions that applications ask for, and do some research before installing the programs.

There are new apps out that provide security for smartphones. Morehouse recommends Lookout Mobile for Android, BlackBerry, and Win7 or Trend Micro for iPhone.

Installing the latest updates for applications and your phone can provide updated security for your phone as well.

Make sure you set a good password for your phone.

Perhaps, most importantly, don’t click on links from unsolicited e-mails or text messages.

“You simply go to a bad site that’s rigged to exploit your phone, it’s game over,” Morehouse said.

News Source : Google
Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.