Security Response
Showing posts tagged with Mobile & Wireless
Symantec Security Response | 09 Apr 2010 21:46:07 GMT

We have discovered a threat affecting the Windows Mobile platform that dials several high-cost international phone numbers. The threat is bundled within a .cab installation file that contains a legitimate game called “3D Anti-terrorist action” and a malicious dialer that we call Trojan.Terred.

While there is no smoking gun, we don’t believe that the makers of the game are bundling the threat; rather, we believe one of the distributors is. The threat itself is a binary created with the .NET Compact Framework and therefore requires that framework to be installed on the device. The threat will not run on any device that does not have the framework installed; however, the game will install without any problems either way.

Mathew Maniyara | 18 Feb 2010 18:56:36 GMT

Symantec has recently observed phishing scams targeting Apple iPhone users in order to obtain device details such as serial number, IMEI, model, and capacity.

What is an IMEI?

An IMEI (international mobile equipment identity) is a 15-digit unique number used by GSM networks to identify valid devices. Every GSM, WCDMA, or iDEN mobile phone (and even the odd satellite phone) has an IMEI. It can be found under the battery of the device or by typing *#06# on the mobile. If your phone or device is lost or stolen you can report it to your service provider, providing the IMEI number. The service provider can then blacklist the IMEI number, rendering the device unusable in that country.

Why do scammers need the IMEI number?

A device with a blacklisted IMEI is unusable in that country. There is no restriction on having the same IMEI number for two devices. So, scammers can simply steal the number from other users who have valid or working IMEIs and copy it to the stolen device....

Irfan Asrar | 11 Feb 2010 23:07:50 GMT

Several reports have been published detailing a Blackberry proof of concept (PoC) exploit called txsBBSpy that was recently presented at a security conference. Although it may not have been the aim of the original presenter, some reports have framed the PoC as being able to exploit so-called vulnerabilities that the writers believe to be present in the Blackberry platform. The “vulnerabilities” involve secretly forwarding incoming emails, locating devices by way of their GPS capabilities, eavesdropping on conversations by surreptitiously turning on microphones, and other such nefarious behavior.

Although the vectors used for the PoC itself weren’t exactly ground-breaking—we described the concept behind attacks in a whitepaper back in 2007—it does highlight the fact that competition between mobile platform vendors to provide easy-to...

Henry Bell | 09 Dec 2009 23:10:48 GMT

Ahoy there ye landlubbers! The high seas of wireless security appear to have gone commercial with the introduction of a paid service that means it just got a whole lot easier for a casual attacker to break into your wireless network. Before going on to talk about how this attack vector can be used, though, we'll quickly cover off some terminology; Wi-Fi standards can be an acronym minefield.

Many moons ago—more than ten years ago, in fact—a move was made to devise a method of securing wireless networks that would provide a level of confidentiality equivalent to that of traditional wired networks. The name Wired Equivalent Privacy (WEP) was given to the system. Unfortunately flaws emerged and it turned out to be trivial to circumvent. WEP is still built in to most Wi-Fi products on the market, but security-wise it was blown out of the water long ago and as such its use is now heavily deprecated. Roll out the successors!

Wi-Fi Protected Access (WPA)...

M.K. Low | 01 Apr 2009 17:59:25 GMT | 0 comments

Mobile security was a hot issue at the CanSecWest conference, especially with the prolific use of smart phones for both enterprise and personal use. During my commute to work, it seems that everyone on the train is using their smart phone, pushing those little buttons on their little keyboard to send emails, surf the Web, or check the score of last night’s hockey game. A smart phone is more than just a phone; users can use them to download applications to do anything from update their profile on social networking sites to search for a great Thai restaurant to bowling downhill. My husband even has an application on his smart phone whose sole purpose is to make the most annoying noise on the planet (needless to say, I was not excited when he showed it to me).

So why would an attacker target smart phones? Smart phones have properties that traditional computers may not have: they are always on, 24 hours a...

Andrea Lelli | 13 Nov 2008 22:41:15 GMT | 0 comments

We have already seen a file infector working on smartphones (see WinCE.Duts.A) and a worm that could spread by infecting storage cards (see WinCE.Infomeiti). Now, we have the first polymorphic worm (although some refer to it as a companion virus) that affects smartphones running the Windows CE platform on ARM processors—it is known as WinCE.Pmcryptic.A. It spreads by generating new polymorphic copies of itself each time, and can cause a severe nuisance on a compromised phone (including unwanted phone calls to toll numbers).

After analyzing the sample, we discovered it contained many interesting payloads. So, we executed it on a test...

Henry Bell | 20 Aug 2008 17:20:52 GMT | 0 comments

There’s nothing like coffee one-upmanship to make the blood boil.

“You’re still drinking lattes? With actual milk from a cow? Good grief, where have you been?”

Nowadays though, it seems that coffee one-upmanship is no longer enough to secure the seemingly coveted “hippest person in the café” crown. Now that portable devices are actually portable, cafés and other public spaces seem to be prime territory for people keen to show off their technological gadgetry.

I’ve been keeping an eye out during my recent café trips – doppio, natch – and usually around half of the customers are tapping away on notebooks, ultra-portables and tablet devices. This is, admittedly, in tech-enamored Tokyo, but the use of truly portable and network-capable machines is clearly going to increase as specs go up and costs come down. Cafés are...

Orla Cox | 07 Jan 2008 08:00:00 GMT | 0 comments

Reports started appearing on Saturday regarding the existence of malicious packages for the Apple iPhone. A package called "iPhone firmware 1.1.3 prep", which was described as “An important system update. Install this before updating to the new 1.1.3 firmware.” was reportedly causing problems for iPhone users once uninstalled.

According to various reports, installing the package doesn't have much effect on the iPhone. However, uninstalling it may cause problems, as the malicious package overwrites some other applications during the install. Some of the applications it overwrites are "Erica's Utilities" (a collection of command-line utilities for the iPhone) and OpenSSH. If the user chooses to uninstall the bogus package, these applications will also be removed. Affected users will need to reinstall these applications.

This is technically the first Trojan horse seen for the iPhone; however, it does appear to be more of a prank than an actual...

Téo Adams | 29 Nov 2007 08:00:00 GMT | 0 comments

Recently there have been several reports of security flaws in a product provided by a company called Mobile Spy. The product is an application for Windows Mobile smartphones. The application logs various forms of communication data transmitted to and from the phone and sends it to a hosted database. A user can log in to the web service and view all the data that has been logged.

The idea behind this product is that it’s installed on a device without the knowledge of that device’s user (for example, an employee, child, spouse, etc.). The party who installed it can then monitor the user’s activity to ensure that the device is not being abused. A company manager, for example, can make sure that an employee is not making personal calls or sending personal text messages from a company device.

For the most part, this seems like a reasonable idea, but the security flaws in both the...

Ollie Whitehouse | 20 Nov 2007 08:00:00 GMT | 0 comments

I was interested in getting some rough numbers on publicly disclosed vulnerabilities in Symbian and Windows CE/Mobile platforms and applications. I cannot say with any degree of confidence that what I present below is reflective, simply due to the fact that different bugs get categorized under different vendors, platforms, or keywords. What I can document is the method I used to arrive at the below numbers. I used and did the following:

• searched by vendor, platform for Windows Mobile & Windows CE
• searched for keyword MMS picking out those relevant
• searched for keyword SMS picking out those relevant
• searched for keyword Symbian
• searched for keyword Nokia picking out those relevant

So the summary is that there are 16 for Windows CE/Mobile and six for Symbian. I guess this demonstrates people are finding vulnerabilities in these two platforms. If we take out the third party applications on Windows CE/Mobile (i.e....