Smartphone security follies: A brief history

The dangers were hammered home last week when the Android Police blog revealed that a vulnerability in the Skype Android application could allow hackers to swipe users' email addresses, contact lists and chat logs.

As smartphones have grown more powerful and complex, so have the threats against them.

This has become especially true as smartphones have evolved from tightly controlled enterprise-centric devices such as Research in Motion's BlackBerry series to consumer-oriented devices such as Android that run on open-source operating systems. These dangers were further hammered home last week when the Android Police blog revealed that a vulnerability in the Skype Android application could allow hackers to swipe users' email addresses, contact lists and chat logs.

LATEST THREAT: Skype for Android leaks user data

With this in mind, we thought it would be a good time to go over some of the highest-profile smartphone security follies of the past few years, whether they came in the form of application vulnerabilities or applications embedded with malicious code. As we go through the years, you'll see that threats to mobile devices have not only become more prevalent but also more complicated.

August 2006: Researcher creates first-ever BlackBerry Trojan

RIM made its name by developing well-engineered mobile devices that could securely deliver corporate email by routing it through the company's own network operations center. In 2006, however, security researcher Jesse D'Aguanno began poking holes in RIM's Teflon by creating the world's first piece of Trojan malware for BlackBerry devices. Demonstrating his creation at the Defcon hacker conference, D'Aguanno showed how he embedded the malware into a harmless-looking tic-tac-toe game download. Once the game was downloaded onto the device, the malware worked with a separate piece of code, called BBProxy, to launch attacks on enterprise networks.

D'Aguanno said he created the Trojan to serve as a heads-up to both RIM and BlackBerry users that they should be more alert to the potential dangers that lurk for mobile devices. Over the past five years, events have proven D'Aguanno's concerns to be accurate.

January 2009: RIM patches PDF vulnerability

Seeing how important PDF files are in the corporate world, RIM would have been negligent if it didn't incorporate them into its BlackBerry devices. Even so, the successful integration of PDFs into RIM devices and its BlackBerry Enterprise Server wasn't headache-free.

In 2009 RIM announced that "multiple security vulnerabilities" existed in some versions of the enterprise servers' PDF distiller that were released as part of its BlackBerry Attachment Service. The vulnerabilities could allow hackers to send users emails containing a "specifically crafted PDF file" that could cause memory corruption and "possibly lead to arbitrary code execution" of the computer hosting the attachment service.

November 2009: iPhone users get Rick Rolled

Stealing peoples' personal information is one thing -- but what sort of monster subjects unsuspecting iPhone users to the horrors of Rick Astley?

That's precisely what happened in late 2009, when the first-ever iPhone worm began forcibly changing users' iPhone wallpaper to a picture of much-loathed '80s singer Rick Astley. The worm was mostly a harmless prank written by an unemployed Australian programmer, but it was a sign of more sophisticated and dangerous iPhone worms to come.

November 2009: iPhone worm goes after banking codes

It only took two weeks for a copycat hacker to use the formula revealed by the "Rick Roll" worm to create a more malicious piece of code to build a botnet used for stealing data such as online banking credentials. The worm was apparently created by Dutch hackers and used a command-and-control strategy that is frequently used in PC-based botnets to steal data from infected devices. The worm only struck jailbroken iPhones, however, so the majority of iPhone users were not at risk.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags smartphoneswirelessskypeNetworkingPhonesconsumer electronicsanti-malwareSkype Android leak

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Brad Reed

Network World
Show Comments

Cool Tech

Toys for Boys

Skywatcher Dobsonian 8″ Collapsible Telescope

Learn more >

Family Friendly

Whodunnit™ Duo-Scope MFL-007 Microscope Kit

Learn more >

Stocking Stuffer

Logitech Ultimate Ears Wonderboom 2 Bluetooth Speaker

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?