By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    GPS trackers: Cyberpoaching paradise
    8 months ago
    What is Zero-Day Exploit?
    8 months ago
    How to Get Rid of a Virus on Phone? | Android and iPhone
    8 months ago
    Latest News
    Safeguards against firmware signed with stolen MSI keys
    1 day ago
    WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
    1 day ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
    6 days ago
    Wordfence Firewall Blocks Bizarre Large-Scale XSS Campaign
    1 week ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    What’s included in the ‘Battle of Shadow and Light’ update for Halo 5: Guardians
    8 months ago
    How to fix printer spooler problems on Windows 10
    8 months ago
    How to fix error 0x80004005 starting VirtualBox VM on Windows 10
    8 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    4 months ago
    Now you can speed up any video in your browser
    4 months ago
    How to restore access to a file after EFS or view it on another computer?
    4 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    5 months ago
  • How To
    How ToShow More
    What is two-factor authentication | Kaspersky official blog
    2 days ago
    Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
    4 days ago
    NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
    4 days ago
    How Oxy uses hooks for maximum extensibility
    How Oxy uses hooks for maximum extensibility
    5 days ago
    The personal threat landscape: securing yourself smartly
    5 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    The dream of a designer and web developer
    7 months ago
    Google Drive Public File Search
    8 months ago
    Chrome Tab Preview
    8 months ago
    Latest News
    How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
    2 days ago
    How to enable Taskbar End Task option to close apps on Windows 11
    2 days ago
    How to check USB4 devices specs from Settings on Windows 11
    2 days ago
    How to enable new header UI for File Explorer on Windows 11
    1 week ago
  • Glossary
  • My Bookmarks
Reading: Does Your Mobile Device Spy on You? -Kaspersky Daily
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

Does Your Mobile Device Spy on You? -Kaspersky Daily

Vitus White
Last updated: 13 October
Vitus White 8 months ago
Share
10 Min Read

If computers themselves are relatively new in the grand scheme of things, then mobile devices are incredibly new. And likewise, just as we’ve spent the better part of the last two or three decades figuring out how to secure the traditional computer, there is probably a long road ahead for mobile security as well.

spy_title

Smartphones and tablets have everything and more than the personal computer, which represents a security challenge in and of itself. More problematically though, these devices live in our pockets and purses and go nearly everywhere we go. Unlike the desktop computer that lives on a desk and is tethered to the wall by a power cord, mobile devices are very easily lost and left behind.

The threats we face on the PC are quite similar to those we face on mobile devices but there are key differences: PCs (and laptops to a lesser extent) are immobile. Smartphones and tablets go where we go. They are equipped with cameras and GPS systems. Their locations are constantly tracked by our mobile service providers. We email, make calls, and send SMS-based text messages through them, sometimes from unsecured wireless connections. We store vast amounts of payment and other sensitive data on them, and we often log into digital marketplaces and, on a whim, we download applications developed by people we know almost nothing about.

Like the traditional PC, all of this can be monitored or even stolen by existing or soon-to-be existing malware, and the attack surface on a smartphone (i.e. the number of ways an attacker can get in) is even larger than that of a traditional PC, which is saying a lot, because I am not even sure of all the ways you can compromise a traditional computer or laptop.

Shared threats aside, we face dangers on our mobile devices that just don’t exist on a computer.

Charging for example: most smartphones have some sort of USB connectable charging port. We charge and synchronize data through the same cord. In theory, it’s very possible to steal phone-data with a charger. I’m sure this sounds far-fetched until you think about that time you were desperate for a quick charge at the bar so you asked the bartender is you could juice up on her charger. Or how about that time your phone was dying at the airport? I get it. How is your wife supposed to pick you up if you have no way of telling her you landed? No one wants to get marooned at the airport. You had to plug into and, perhaps shamefully, pay that charging kiosk, but you have no idea who it belongs to and you could easily being paying some guy to steal all sorts of valuable data from your phone.

Device loss and theft are also relatively unique to the mobile environment. You could obviously lose a laptop, but it’s bigger and probably harder to forget about. A thief could definitely run off with your PC, but he’d probably have to do at least a little breaking and entering first.

The attack surface on a smartphone (i.e. the number of ways an attacker can get in) is even larger than that of a traditional PC.

Last year, I read an article in the DailyMail reporting on a malicious application proof-of-concept developed by the United States Military. The app is apparently capable of turning on the camera on your mobile phone and taking and sending images and videos back the app’s developers. The software that drives the app is also reportedly capable of using the images to map rooms. These capabilities could give an attacker the ability to spy, gather intelligence, or even case the joint (your house or office) before performing a robbery. Of course, most laptops have built in cameras as well, but, again, we don’t carry laptops around in our pockets.

Similarly, I’ve seen researchers remotely turn on smartphone microphones, creating an ever-present surveillance machine. They can also potentially monitor all of your movements by tapping a device’s GPS and location services as well.

It’s is very possible to install malware on a phone that has the capacity to record all device communications. An attacker could listen in on phone calls, read your emails and text messages, steal the passwords to all of your social media accounts, and, worst of all, get at those online banking credentials and cause all sorts of damage. For example: If I got my hands on your banking login credentials, depending on your bank, I could potentially change your password, transfer all the funds, send myself an eCheck, or even change the email or real address associated with the account and send a copy of your credit card to my house for a serious shopping spree. I wouldn’t do that, because I am nice and I like you, but there are a lot of people out there who would do that.

I coach a little youth swimming on the side, and when I look around I see a lot of kids carrying smartphones. Now, I’m no criminal, but I can’t help wondering if mommy and daddy’s credit card information is stored on these things. In other words, a lot of us are giving devices loaded with sensitive information to CHILDREN. Kids literally lose everything, and some of them, particularly the young ones, will believe anything an adult says. You don’t have to be smart to phish a kid.

There is no shortage of ways for the bad guys to get on your phone either. You might download a malicious application or open a phishing email or someone might fiddle with your phone while you aren’t looking. The list goes on and on to include any number of things I haven’t even thought of, but which criminals almost certainly have thought of.

The good news is that we are making better mobile security products than ever before. With every operating system, the big tech firms are introducing better security controls and safeguards like Apple’s find my iPhone and Activation Lock features. Nearly every device has a feature that lets users perform a remote data wipe in an emergency. Better yet, we are getting smarter too. A few years ago the average person knew nothing of security. Thanks to Stuxnet and other high-profile, media-grabbing security stories, consumers are thinking about security more than ever. It’s also comforting to know that all you can do is run a security product on your smartphone or tablet, keep it password protected, implement all security features its operating system offers, and, as always, stay informed about the threats that exist.

The threats represented by charging are easily remedied. Carry a spare charger that plugs into an electrical socket whenever possible. I keep one in my car and another in my backpack. When I charge my phone, I don’t leave it unattended in public places. Sometimes it’s inconvenient, but a dead battery, however useless, is better than infected, stolen, or otherwise compromised phone.

These new features like remote device wipe and find my iPhone and Activation Lock go a long way in protecting lost devices. Implement them if they aren’t default features and learn how to use them: losing a phone stinks, but giving a stranger complete access to all the information and every account on it is far worse. At the very least you need to turn on a password or passcode lock. These can be broken by skilled attackers, but even a four-character passcode will prevent most people from accessing your device, especially if you set it up so that repeated failed login attempts will wipe all device data.

If you’re extra-cautions or overly concerned about the data on your device, then use full memory-encryption (for Android) or encrypt your iCloud or local back-ups on iDevices.

I don’t have kids and can’t tell you what you should do with yours. Just try to stay on top of and regulate the information stored on their phones and tablets so that it’s not too big of a deal when they inevitably lose them.


Source: kaspersky.com

Translate this article

TAGGED: Apple, Authentication, Encryption, Malware, Phishing, PoC, Port scanning, Security, Software, Targeted Attack, Threat, Threats
Vitus White October 13, 2022 October 7, 2022
Share this Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Safeguards against firmware signed with stolen MSI keys
Threats 1 day ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats 1 day ago
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
News 2 days ago
How to enable Taskbar End Task option to close apps on Windows 11
News 2 days ago
How to check USB4 devices specs from Settings on Windows 11
News 2 days ago

Recent Posts

  • Safeguards against firmware signed with stolen MSI keys
  • WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
  • How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
  • How to enable Taskbar End Task option to close apps on Windows 11
  • How to check USB4 devices specs from Settings on Windows 11

You Might Also Like

Threats

Safeguards against firmware signed with stolen MSI keys

1 day ago
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Wordpress Threats

WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin

1 day ago
News

How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11

2 days ago
News

How to check USB4 devices specs from Settings on Windows 11

2 days ago
Show More

Related stories

How to Use Cloudflare to Secure Your WordPress Site
How To Starting Chrome from the command line
How to fix error 0x80070057 in Chrome?
Windows 10 How To Disable Slide to Shutdown
Windows search not working (FIX)
How to watch movies and TV series for free on Kinopoisk?
Previous Next

10 New Stories

What is two-factor authentication | Kaspersky official blog
Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
NVIDIA GeForce RTX 4080 New Mercury Editions of Razer Blade 16 and Blade 18 now available
How Oxy uses hooks for maximum extensibility
The personal threat landscape: securing yourself smartly
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 15, 2023 to May 21, 2023)
Previous Next
Hot News
Safeguards against firmware signed with stolen MSI keys
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
How to enable Taskbar End Task option to close apps on Windows 11
How to check USB4 devices specs from Settings on Windows 11
10alert.com10alert.com
Follow US

© 10 Alert Network. All Rights Reserved.

  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?