Published on August 31st, 2012 | by Steven Hodson0
Smartphones Become The New Spyware Battle Ground And Governments Love It
That the word spyware and most people will think of script kiddies trying to infect your laptop or desktop with their products of boredom and cut and pasting however a new report from noted security researcher Morgan Marquis-Boire suggests that a much fertile spying platform is opening up and governments love it.
That platform of course is the rapidly increasing mobile arena with smartphones that have all kinds of tracking goodies built right into them. From the nearly ubiquitous GPS to the microphone just about every part of the phone has some sensor or another that can be tapped into.
One of the companies that are taking advantage of this burgeoning platform, and general consumer ignorance about security, is Gamma Group and their product, that they refuse to talk about, called FinSpy Mobile. The software can run on just about any mobile smartphone platform, with the exception of Windows Phone – at this time anyway – whic means about 90% of the smartphones on the market.
Like most malware their method of installing on a target phone is by way of a clever type of clickjacking. This happens when a target phone gets an email or text message and the user clicks on the link but rather than loading the malicious software when the page loads the site injects code that pops up a fake system update message. Once the user clicks on the button to agree the FinSpy app is installed.
Once installed a remote system can record from the microphone, track locations, and monitor communications. Of the affected mobile platforms both Android and Blackberry are most susceptible because users can install unknown apps. With Apple however Marquis-Boire says in the report that FinSpy has a valid developer certificate issued to the Gamma Group’s director Martin Muench which will allow the app to exploit the iOS platform.
Needless to say there has been a big interest in the software from law enforcement and governments.