Three phone hacking bugs you don’t want to catch in 2014

Many mobile phone users assume that it is only their home computer that is open to malware and other such nuisances. Think again. Smart phones are effectively mini PCs these days, making them a mobile gold mine for hackers and fraudsters looking for fresh ways to attain personal data to be used for their benefit.

Norton's cybercrime centre reported that a security researcher has found a number of popular mobile banking apps are among the vulnerable.

60 top banking apps from around the world were analysed on jail broken devices, and an alarming 90%were shown to be at risk. This was due to unencrypted links, allowing hackers to inject arbitrary codes displaying fake logins to trick the user.

Four out of ten apps tested did not validate the authenticity of presented SSL certificates, opening up a gap to potential attackers. The best way to avoid these threats is to be vigilant and keep your device up to date with the latest anti-virus software. Here’s our guide to three of the most common and downright nasty bugs that are spreading like flu this winter

BaseBridge: Playing the Game

BaseBridgeThis malware targets users of popular gaming apps such as Donkey Jump, Drag Racing and Jungle Monkey to name just a few. After the user has installed the app, a fake upgrade message will pop up. If the user chooses to download the upgrade, the malware will duplicate itself in another location on the device; restarting the app will then trigger the pesky malware into action.
Once activated, the bug will spread to other operating systems within the phone and can use them to transfer details from SMS and calls, which can incur fees to the device owner. 


AndroidRat: There’s a RAT in my mobile, what am I gonna do?

AndroidRat
Few of us like rats, and this one is no exception. RemoteAccess Trojans (RAT) are used by hackers to infect email boxes, and even more worrying, capture images and sometimes videos of victims. This kind of data can then be used for fraudulent purposes or even blackmail.

Due to the increase in popularity of Android device activations to the OS, hackers can now utilise tools to take complete control of the victim’s device.
The RAT finds its way onto a device when the user downloads and launches an activity application, giving the Trojan full rein to sweep your phone book, text messages and call logs. Those most at risk are users who do not use Android Antivirus Software, but download cracked versions of downloaded apps.

DroidKungFu: A lesson in self defence

DroidKungFu
This malware was uncovered by North Carolina State University researchers who discovered it was affecting all Android OS versions up to 2.2 Froyo. It enables hackers to steal sensitive information from victims through a backdoor method and, in the worst case scenario, can turn the device into a bot.

Once it has taken control, it can make the device perform certain actions without the victim’s permission. Newer versions of Android OS make the threat of DroidKungFu more limited, but it still has the ability to snatch certain information from the infected device. Try to download only trusted apps from reputable companies to avoid this particular nuisance.



Find out more in my disclosure policy.