Bugnets Could Spy on You via Mobile Devices

New botnets designed for mobile gear may allow remote attackers to see and hear their potential victims

Imagine sitting in a café and discussing the details of a business proposal with a potential client. Neither you nor the client has a laptop; you're just two people having a conversation. But unbeknownst to you, someone half a world away is listening to every word you say. Later, as you leave, you receive a text message referring to the proposal and demanding money in exchange for silence.

Recent research from two universities suggests that such a remote-eavesdropping scenario may soon be possible.

According to George Mason University researchers Ryan Farley and Xinyuan Wang, cell phones make excellent surveillance devices for remote snoops. In a paper, Farley and Wang discuss a "modernized mic hijacker" [PDF] that an attacker could control over what they call a "roving bugnet." The eavesdropper would use a piece of malware called a "bugbot" to listen in on in-person interactions via a nearby smartphone or laptop. Such attacks would be more likely to target specific people (a wayward spouse, say) than to play a role in widespread attacks on the general public.

Mobile Malware on the Rise

Though fewer than 500 pieces of cell phone malware have been written since 2004, researchers have seen an explosion within the past year. Mikko Hyppönen, chief research officer for F-Secure, says that 95 percent of mobile malware was written for the Symbian OS, but that's changing fast due to the success of Apple's iPhone and Google's Android OS.

Given the relative scarcity of mobile malware, Farley and Wang conducted experiments on Windows XP and Mac OS laptops. The researchers directed their bugbot to join an Internet Relay Chat channel so that they could remotely enable and disable each laptop's microphone to stream real-time conversations occurring in the area. The same thing, they said, could be done on almost any smartphone.

Phone Users Are Vulnerable, Too

Researchers at Rutgers University--Jeffrey Bickford, Ryan O'Hare, Arati Baliga, Vinod Ganapathy, and Liviu Iftode--announced in a 2010 paper that they had successfully demonstrated possible attack methods by creating mobile phone rootkits [PDF], malware that burrows deep into the operating system.

The researchers were able to hit three specific mobile features, attacking the battery (to keep the user from turning on the phone), GPS services (to snag location data), and voice and messaging (to listen to voice messages and retrieve old texts).

If your smartphone were to be infected in any of those ways, you probably wouldn't even notice--even if you're a sophisticated user. Because security software generally sees operating systems as trustworthy, rootkits tucked deep within an OS can go undetected for a long time. In fact, desktop antimalware products have only recently started to scan for rootkits.

The researchers built their rootkits for Neo Freerunner smartphones, which run the Openmoko Linux-distribution operating system. Google Android uses Linux, and therefore could be attacked right away. The Rutgers team says that with a little work the Linux rootkits could be ported to the Apple iPhone OS, Windows Mobile, and Symbian OS.

The simplest rootkit, which targets a smartphone's battery, would need only to enable Bluetooth or the phone's GPS function to drain the power--and it could do so without your even realizing it. Unless you carefully studied your smartphone, you might not see the tiny icons indicating that multiple power-draining services were enabled. If your phone were infected, you'd find yourself having to recharge it more often--or, when you needed it most, your phone would be dead.

More sinister is the rootkit that grants third-party access to your GPS information. Even when you're not using your mobile phone, the GPS service keeps tabs on your whereabouts; such information, when exposed to a less-than-trustworthy person, would take stalking to a new level.

The most harmful rootkit, however, would access your voice and text messages. The Rutgers team constructed a rootkit that relayed text messages over to a third party. If your phone were so compromised, whenever you sent or received a new text message, a cybercriminal would get a copy, too.

What About the App Store?

Even Apple's tightly controlled iPhone App Store could potentially house malicious apps or bugbots. At Black Hat DC 2010 (a security conference), Nicolas Seriot of the University of Applied Sciences Western Switzerland demonstrated how a malicious program could bypass the App Store's strict filters [PDF]. Seriot, an iPhone developer, suggested that someone with ill intentions could upload a version of his file to the App Store and infect many users' phones before Apple managed to pull it.

Seriot also challenged Apple's assertion that third-party apps on the device are sandboxed so that system files, resources, and the OS kernel are shielded from the user's application space. He showed the audience that a malicious third-party application--not even a rootkit--could provide remote access to the iPhone's contact list, image file, text messages, GPS data, and other vital information. So far, Apple has not directly responded to Seriot's research.

Taking Precautions

As the Rutgers study states, "the pervasive nature of smart phones and a large, unsophisticated user base also make smart phones particularly attractive to attackers." In general, you should be suspicious of phone downloads--even ringtones--as such files could harbor malware. But you also need security software for your phone, sooner rather than later. Fortunately, Eset, F-Secure, Kaspersky, McAfee, and Symantec (Norton) all offer tools that can protect against most mobile malware. And some phone vendors, such as Nokia, now preinstall antivirus on their handsets.

One startup is going a step beyond. In addition to blocking malware, Lookout, a mobile security tool that is free at this writing, offers a suite of defenses: a mobile firewall, mobile data backup (which allows you to return your phone to a preinfected state), and the ability to wipe a lost or stolen phone remotely.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags mobilitybugsmobile malwarespying

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert Vamosi

PC World (US online)
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?