Mobile Malware Landscape?
From this Dark Reading article on Mobile Malware:
But according to Sipera’s report, attackers already are going beyond simple spyware. The company’s Viper Lab research unit reported last week that dual-mode devices — the popular smartphones and PDAs that can switch back and forth between cellular and WiFi networks — have already been penetrated. Among the vulnerabilities reported by Sipera:
- A format string vulnerability in Research In Motion’s BlackBerry 7270 SIP stack could allow a remote hacker to disable the phone’s calling features.
- HTC’s HyTN is vulnerable to malformed SIP messages sent over wireless LAN connections, which may cause active calls to disconnect.
- A buffer overflow vulnerability in Samsung’s SCH-i730 phones that run SJPhone SIP clients may allow an attacker to disable the phone and slow down the operating system.
- Dell’s Axim running SJPhone SIP soft phones is vulnerable to denial of service attacks that can freeze the phone and drain the battery.
- A vulnerability found in the SDP parsing module of D-Link DPH-540 and DPH-541 WiFi phones may allow remote attackers to disable the phone’s calling features.
Dual Mode devices “have already been penetrated”. And then the vulnerabilities include very technical attacks that lead to things like hanging my phone up. Ok, so maybe we should be concerned because these are just proofs of concept and there’s going to be a real need to modify budget to address this new, upcoming threat. Read on in the article:
Compared to PC attacks and malware, mobile phone exploits are “practically a flat line,” Marcus concedes. “But attackers will move quickly to any venue that has the user base and kinds of transactions we are seeing emerge in the mobile device space. With the vulnerabilities out there, we can expect the threat to grow very rapidly.”
Vulnerabilities like draining my battery? Maybe I’m goofy, but I tend to think that these sorts of articles have that “cry wolf” impact on real vulnerability/malware articles. How do we know if we can really expect an increase in Threat Events if articles like these are used to make up for a “slow news day”?

