Georgia Weidman is a clever lass. Thanks to her efforts, a new age of smartphone malware has dawned. Is this a bad thing? Not unless evil hackers can use it for their own nefarious deeds.
Weidman plans on demo-ing her creation at the upcoming Schmoocon in Washington D.C. using three Android phones. What she has basically created in her lab is a method where smartphones can be turned into nodes for a botnet. Botnets are the computer networks hackers use to send spam or steal data. Until Weidman’s breakthrough, botnet’s had yet to be seen among smartphones.
Weidman’s method for infecting smartphones involves using a rootkit program. Once infected, the phone sends out spam and denial of service attacks without the user’s knowledge.
Here’s Ms. Weidman explaining her testing method: “When I infected a phone in my botnet—my lab botnet—with malware, the smart phone would receive a message through SMS and I would check to see if it has botnet instructions in it. If it does, it would perform the functionality requests, and then it would swallow the message, so the user does not know that there was a message at all.”
Hopefully Weidman’s breakthrough is the wake up call cyber security needs to better prepare against smartphone-specific cybercrime.
