News and Information - Stay Informed!
Subscribe to the SMobile Mobile Security Newsletter to receive the latest virus news, updates and security information.
Click Here to Subscribe!
|
SMobile ContactCrypt Protects Against Newly Exposed iPhone Security Vulnerability
August 27, 2008
The Gizmodo Gadget Guide website recently published an article describing a very large security vulnerability in the iPhone. Because of this flaw, even passcode-protected devices can reveal sensitive personal information on the iPhone by easily pressing a few buttons. This vulnerability is possible because of two reasons:
- The Emergency Call option can be exploited to expose sensitive information
- Sensitive information on the iPhone is not encrypted.
To access sensitive information, a person stealing or finding an iPhone simply needs to select the Emergency Call option and press the Home Button twice. Doing so takes the user to the Favorites screen, where Contact information is clearly exposed. Because the sensitive Contact information is not encrypted, it can be easily viewed. Various Contact-related fields, such as URL’s, can also be accessed via these contacts to provide access to the Safari browser and to e-mail.
This security flaw highlights a fundamental flaw in the iPhone – lack of encryption. To address this flaw, SMobile Systems has created ContactCrypt. ContactCrypt encrypts the Contact information not only protecting that sensitive information, but also not exposing associated URL's and e-mail addresses that can provide access to other portions of the device. Below are screenshots showing the Contact database and associated contact URL, e-mail, etc. fields., including Favorites, in an encrypted state by using ContactCrypt.
A short video detailing ContactCrypt functionality can be found here.
Click here for the ContactCrypt user manual. ContactCrypt has been submitted to the Apple App Store. |
|
|
|
On-device defences for mobile malware
By Lisa Phifer
August 25, 2008
SearchSecurity
As workforces grow increasingly dependent on smartphones, mobile threats warrant serious consideration. At precisely the time when mobile users are becoming a bigger, juicier target. When the mobile malware "tipping point" is reached, will your organisation be ready?
Mobilising your malware defenses
Conventional Win32 malware defenses are commonly deployed on the assets they protect: PCs. Antivirus scanners, host intrusion detection programs, personal firewalls, and email spam filters are all designed to stop viruses, worms, trojans and spyware that prey upon desktops and laptops. These "on device" defenses are generally accepted security best practices, widely used by both businesses and individuals.
Early mobile malware defenses started down this familiar path. Antivirus scanners emerged for PDAs well before Symbian Cabir grabbed headlines back in 2004. But some of those products were just too early and were discontinued before mobiles were widely used, when "proof of concept" malware lacked the teeth to pose real risk.
Today, mobile antivirus scanners are experiencing a market rebound, stimulated by smartphone sales -- especially to businesses. Mobile antivirus products are now available from popular Win32 antivirus vendors (e.g., F-Secure, McAfee, Symantec, Trend Micro, Sophos) and "mobile specialists" like SMobile and Airscanner. Mobile antivirus scanners are even available for iPhone and BlackBerry handhelds.
more>>
|
|
|
Hackers on the Move
By ROGER CHENG
August 11, 2008
The Wall Street Journal
More small companies are allowing employees to use their personal smart phones for work. But that move could lead to big trouble, thanks to a new breed of hackers who are starting to target mobile phones.
Hackers can use spyware to keep an eye on what you type and what messages you receive, possibly gleaning company secrets. They can even can track your device's location, potentially allowing them to figure out your clients or plans by looking at where you go...
more>> |
|
|
|
SMobile Global Threat Center Creates Proof of Concept Exploit.
By Dan Hoffman
August 5, 2008
The SMobile Global Threat Center has created a very important and revolutionary proof of concept exploit. This Symbian-based exploit installs as a trojan during the installation of a Racer-3D racing game. Unbeknownst to the end-user, a keylogger begins capturing all keys typed into the device and forwarding them to a server at regular intervals. This includes typed URL's, usernames, passwords, messages, etc. A hacker can go to the server, review the keys typed and use the recorded URL's, usernames and passwords to log into various accounts, including mobile banking, VPN, etc, and view the contents of messages. To add to the reality of the exploit, it even goes so far as having a POC mobile banking website where those stolen credentials can be entered and used to transfer money between accounts. This is a very important POC, because it is a keylogger, runs silently, is installed as a Trojan and would cause devastation to consumers, banks and enterprises. In essence, this is one of the most powerful pieces of malware that can be created. |
Click Here to View the Video
|
|
|
Sybase iAnywhere bolsters mobile device security
By John Cox
Network World
July 2, 2008
Sybase iAnywhere is beefing up its Afaria mobile-device management software by adding antivirus and firewalling capabilities.
One of several applications that make up the company's Information Anywhere Suite, Afaria lets enterprise IT administer a range of task around device security and management, such as authentication, encryption, and remote device “kill” if its stolen or lost. The company, a subsidiary of Sybase, Inc., now is incorporating software from SMobile Systems to run virus scans on the device and to handle two-way IP packet filtering and inspection.
The changes are two new optional programs, Afaria Antivirus Manager and Afaria Firewall Manager, that add significant new protections for the growing number of enterprise handhelds...
more>>
|
|
Are smartphone viruses really a threat to your network?
As iPhones, other devices grow in popularity, so will risky Web browsing
By John Cox
Network World
June 23, 2008
All evidence points to the fact that smartphone viruses will be a threat to your network even though they aren't at this moment. After all, the latest mobile devices are packed with more and more applications and corporate data, are enabled for real Web browsing and online collaboration, and can access corporate servers. What's more, they live outside your firewall and often make use of three wireless networks (Bluetooth, Wi-Fi and cellular).
"It's definitely something I worry about a lot," says Sam Lamonica, CIO of Rulph and Sletten, a Redwood City, Calif., general contractor. "With the proliferation of smartphones throughout our business, it poses a great risk if and when hackers get good at pumping malware through those devices."
more>>
|
|
Viruses... on cell phones
By Kara Rowland
The Washington Times
May 29, 2008
This isn't something I've heard very much about, though it isn't very hard to make the jump. Cell phones are increasingly taking on the attributes of personal computers, which we all know are constantly prone to threats of worms, viruses, spam and the like. In particular, smartphones that use operating systems powered by Windows Mobile, Symbian, Linux, Palm or Research in Motion require protection, according to Columbus, OH-based SMobile Systems.
The company, which markets security products tailored to mobile devices, says there are hundreds, maybe even more than 1,000, known mobile viruses...
more>>
|
|
Cell phone users beware
www.wkyc.com
April 30, 2008
The Kuykendall family is terrified. Someone is hacking into their cell phones.
"They've totally taken over her phone," Mrs. Kuykendall said as she talks about her teenage daughter's mobile phone.
The stalkers know what the family is doing, what they're wearing, what they're saying.
"They threatened to kill us February 20th," the elder Kuykendall said. "I'm just waiting for someone to wake me up. It's like a nightmare."
Authorities thought they were making it up. They told the family it was not possible. No one could do that.
They were wrong. It is possible.
At least a half dozen internet sites sell software that turns mobile phones into spy phones. We found one site out of Thailand. Their top of the line spyware sold for just over $400...
more>>
|
|
'Winning' SMS is a hoax, Nokia UK warns
By Sunita Menon, Staff Reporter
gulfnews.com
April 28, 2008
Dubai: A leading mobile company has warned its users not to respond to a message that tells them they have won thousands of pounds.
A number of Nokia mobile users in the country said they received a message in their inbox that read: "Congratulations! Your cell phone has won £165,000 [Dh1.2 million] in the ongoing Nokia UK promo."
The message also featured an e-mail address and a telephone number for claims.
Gulf News got in touch with Nokia Corporate Communications in the UK for clarification. The company said the message is one of several hoax sms's that are circulating around the world, and Nokia has nothing to do with them.
more>>
|
|
New WinCE trojan discovered - WinCE/InfoJack
February 27, 2008
A new strain of WinsCE Trojan has been reported. The malware was dubbed WinCE/InfoJack, this program was created by an unnamed Chinese site and it is bundled with legitimate installation files distributed by Google Maps.
Once installed, "WinCE/InfoJack" sends the infected device's serial number, operating system and other information to the author of the Trojan.
WinCE/InfoJack has a number of features that show its malicious intent:
• Installs as a program that runs automatically on the memory card
• Installs itself on the device from the infected memory card
• Allows for silent installation of unsigned applications
• Creates a backup copy of the infected file
|
|
SMobile announces solution for latest mobile phone virus
Computer Technology Review
January 31, 2008
SMobile Systems announced Monday that it has prepared and tested a mobile anti-virus update and disinfection tool for its Security Shield platform to help protect Nokia smartphones being attacked by a malicious SymbianOS Worm (also referred to as a Beselo worm) currently spreading on mobile phone networks worldwide.
The virus is being disseminated as a multimedia file (MMS) with such monikers as Beauty.jpg, Sex.mp3 or Love.rm. When installed on the handsets, the malware gathers all the phone numbers located in the phone's contact lists and targets them with a viral MMS carrying a SIS-packed (Symbian Installation Source) version of the worm. In addition to harvesting these numbers, the malware also sends itself to generated numbers. To date the worm only affects Symbian S60 enabled smartphones, including models such as the Nokia 6630, 7610, 6680, and N70. However, with modifications, this current attack could spread to many additional smartphone models...
more>>
|
|
Worm Attacking Nokia Mobiles
By Sarah Falson
Smarthouse
January 21, 2008
A worm which latches onto the phonebook stored in a mobile handset and sends virus-laden multi-media messages (MMS) to the owner’s friends has been discovered locally, attaching itself to popular Nokia phones.
Called the SymbianOS Worm, the virus is able to run on Symbian S60-enabled devices which include Nokia 6600, 6630, 6680, 7610, N70 and N72 phones.
Phone-owners who receive an MMS with the file name Beauty.jpg, Sex.mp3 or Love.rm, should delete the file immediately.
more>>
|
|
Mobile viruses are growing in numbers, but there's no return now with intriguing platforms such as Mac OS X and Android aiming for the masses.
By Sindre Lia
InfoSync
November 8, 2007
Specializing in security solutions for mobile phones, SMobile Systems claims to have identified more than 400 mobile viruses to date. With the recent introduction of Internet friendly mobile platforms such as Apple's Mac OS X and Google's Android, it's likely to believe that mobile viruses will explode in the future.
"No longer are these viruses merely nuisances. These viruses are getting more insidious in nature, smarter in their design, and ultimately more dangerous to consumers, corporate smartphone users and to the carriers who provide service", says CTO of SMobile, George Tuvell...
more>>
|
|
Bluetooth devices easily hacked
24.com
October 23, 2007
Cape Town - Bluetooth-enabled devices are vulnerable to unscrupulous hackers, an expert warns.
Bluetooth was invented to connect devices such as cellphones, laptops, PCs, printers, digital cameras and video game consoles over a short-range radio frequency, but like any computer network, using Bluetooth can leave you vulnerable.
"Bluetooth hacking techniques vary tremendously. There are various attacks that have proved to be very effective over the last few years. Some of these attacks include making unauthorised calls and transactions, reading and sending SMSs on a target phone, erasing information and downloading personal information such as phone books and access codes," says ICT security expert Dino Covotsos...
more>>
|
|
Application of the Week -- SMobile Security Shield
www.s60.com
October 9, 2007
SMobile Security Shield protects your S60 3rd Edition device from unwanted intrusion coming from any direction, including the Internet, short message service (SMS), multimedia messaging service (MMS), e-mail, and direct downloads. It has three different components to accomplish that mission: VirusGuard, to scan for malware, Point Guard, to provide call and message filtering, and the SMobile Firewall, to provide filtering and blocking on a wide variety of media...
more>>
|
|
Supplying Smart Phone Armor
By Martha McKay
NorthJersey.com
September 27, 2007
If you believe Rick Roscitt, some very bad stuff might happen to your smart phone.
In the same way viruses attack computers, malicious software can travel across unprotected wireless networks and worm its way into the mobile gadgets we depend on, Roscitt says.
"Nobody would go out and spend $1,800 on a laptop and not put security software on it," he said. "Well, these devices don't have anything," he said pointing to an array of smart phones on a conference table in his Fort Lee office.
Roscitt is chairman and CEO of SMobile Systems Inc., an Ohio-based company that sells software designed to keep those gadgets safe from viruses and hackers...
more>>
|
|
SMobile Systems and Symbian OS
"SMobile creates security applications for Symbian OS devices and has developed a comprehensive product suite that protects mobile device users from viruses, the effects of device theft, and unauthorized data access. Forum Nokia PRO has helped SMobile compete effectively in the global mobile security market by facilitating introductions worldwide through PRO matchmaking events."
-Nokia
Download the PDF |
|
|
| Recent Articles |
 |
News Focus: Your handphone will tell on you - August 2007 |
|
Mobile viruses evolving beyond just 'nuisance' - August 2007 |
|
Nokia's Net More Than Doubles On Strong Sales, Bigger Market Share - August 2007 |
|
iPhone Flaw Lets Hackers Take Over, Security Firm Says - July 23 |
|
Cell phone users urged to install anti-virus software - July 2007 |
|
Arrest over phone virus - June 2007 |
|
New mobile security threats emerge - June 2007 |
|
SMobile Snags Customer in Germany - May 2007 |
|
SMobile Offers Security for Wireless Networks - May 2007 |
|
Cyber-criminals target mobile banking - January 2007 |
|
Rising Threat to Smart Phone Security - January 2007 |
|
As cellphone uses grow, so do security options - December 2006 |
|
Criminals And Hackers Take Aim At Smartphones - November 2006 |
|
Windows CE is extremely vulnerable, says Kaspersky - October 2006 |
|
Avanquest UK To Launch Virusguard From Smobile - October 2006 |
|
New Mobile Threats Make it Crucial for Operators to Protect Customers - October 2006 |
|
Mobile Malware Evolution: An Overview, Part 1- September 2006 |
|
Blackberry a Juicy Hacker Target - August 2006 |
|
Vishing Joins Phishing as Security Threat - July 2006 |
|
Text Messaging Used as Malware Lure - June 2006 |
|
Cell-shock: Hackers call up - May 2006 |
|
Know how to fry your mobile viruses? - May 2006 |
|
Major mobile virus attack 'imminent' - April 2006 |
|
Mobile Devices and Users: Keep mobile working safe, secure and under control - April 2006 |
|
Bluetooth trojan leaves mobile users out of pocket - April 2006 |
| |
|
|
|
| Archived Articles |
| January 2006 |
| Malware spreads via Bluetooth |
| ...research into the awareness of mobile malware |
| EBay users hit by mass phishing attacks |
|
|
|
| June 2005 |
Locals Hit By Mobile Virus That Sends Lewd Messages
|
|
| May 2005 |
| Mobile phone operator Orange has announced a plan to roll out email monitoring across 14,000 workstations |
|
| 2004 |
| Site of the Week: Viruslist.com |
| In the Trenches with Antivirus Guru Mikko Hypponen |
| Small businesses blissfully unaware of latest threats |
| Leader: Don't blame your staff - train them |
| Trojan horse drives spam into cell phones |
| Skulls Trojan attacks Symbian phones |
| Arresting an Airborne Virus |
| Locals Hit By Mobile Virus That Sends Lewd Messages |
|
|
| December 2005 |
| Mobile phone and PDA users should expect a rising tide of malicious software |
| Finland: Mobile phone virus protection to increase |
|
| August 2005 |
| Neeon digital audio player shipped with the W32.Wullik.B@mm worm... |
|
|
|
