Nowadays, smartphones and mobile devices are the main means through which we organise our lives, from email to grocery shopping to banking. In just over 10 years, mobile devices have completely changed the way we communicate and have evolved from just being simple communication devices for calls and texts (and being able to while away your time playing snake if you were lucky); to powerful computers that have all the functionality of a laptop through the use of apps. These apps can be downloaded from the app store of each of the major vendors (Microsoft, Apple, Google Android) for practically every purpose and price range, from organising your life, to taking over it (speaking as someone currently in candy crush rehab – though I’m told there’s an app for that).
This boom in the use of apps has resulted in one of the most common questions being heard in the electronic era: “How can I get this for free?”. As a result, there are many ways a user can obtain an application illegally. The downside, of course, is that by downloading illegal copies of applications you also run the risk of downloading some other unwanted ‘guests’ in the form of malware.
One of the most common ways that users put themselves at risk when downloading apps is by ‘jailbreaking’ their device and downloading a pirated application directly. Jailbreaking is taking advantage of an exploit to gain administrative access to a device, often breaching the security controls in place. Unfortunately, as we all know, everything always has a price. There are a huge number of instances of users unintentionally downloading malware disguised as valid apps. This malware then targets user emails, banking applications, messages and other sensitive information present on a mobile device.
But if I haven’t “jailbroken” my device I am safe, right? Wrong. Below are just two examples of the latest vulnerabilities found on mobile devices that could result in the breach of a device without the phone being “jailbroken”.
The Masque Attack
The first vulnerability revolves around iOS users and is known as “the Masque attack”. Recent research has identified a vulnerability where if a user downloads an iOS application through an over the air (OTA) distribution, they could be replacing one of their valid applications with a malicious one. Over the air distribution is used primarily by developers, and allows a user to directly download an application on his iPhone directly from a developer URL, without visiting the App store. In its simplest terms, if the application downloaded through OTA distribution has the same name (bundle identifier) as an existing application on the phone, it will take its place. As a proof of concept, the Gmail application was shown to be replaced by a malicious application that would then send sensitive information to an attacker. The biggest impact of this attack comes from the fact that all data held by the original, genuine, application, are not removed and can now be transmitted to the attacker.
Windows Phone SD card vulnerability
The second example relates to a vulnerability affecting Windows phone devices. It was identified that a valid application residing on the SD card of the device can be replaced by another application. This can achieved by replacing the valid application’s folder with a malicious one, as easy as copy/paste. As a result, when a user clicks on the valid application’s icon, the malicious application is executed retaining all the permissions of the original application.
What can I do?
To reduce the risk of falling victim to attacks such as those described above, always treat any application with suspicion if you cannot verify where you are sourcing it from. In addition, always ensure you install the latest system updates on your devices and always purchase your apps through legitimate sources.
View article source