Regardless of what the 'official brand name' of spyware products, one should also consider what are the standards of development in the developers company, and following that logic, what else may have sneaked into the code of the spyware product.
Spirovski Bozidar
http://www.shortinfosec.net
A well known commercial provider of spyware applications for numerous mobile platforms, has recently ported its Mobile Spy app to the Android mobile OS.
Just like previous releases of the application, the Android version keeps a detailed log of GPS locations, calls, visited URLs, and incoming/outgoing SMS messages, available at the disposal of the attacker who installed it manually by obtaining physical access to the targeted device.
More details:
“Mobile Spy runs in total stealth mode and no mentions of the program are shown inside the Android device. After the software is set up on the phone, it silently records GPS locations at a rate decided by the owner of the phone. The entire text of all SMS text messages, along with the associated phone number, is also recorded. Additionally, inbound and outbound call information with duration of the call is recorded. Immediately after activities are logged, they are silently uploaded to the user’s private online account.
Mobile Spy runs on all Android devices, including the new My Touch 3G by T-Mobile and Motorola Droid. The software also has a version for iPhone, BlackBerry and other smartphones running the Windows Mobile or Symbian OS operating systems. These devices are available from most major mobile carriers.”
Despite the company’s positioning as a vendor offering the ability to “silently record SMS text messages, GPS locations and call info of your child or employee“, two years ago, F-Secure and Airscanner revealed trivial security vulnerabilities within the most popular vendors of spyware applications( FlexiSpy and Retina-X Studios, LLC), allowing anyone easy access to someone else’s spying logs.
Others, on the other hand have already flagged the application as spyware within their mobile antivirus solutions.
- Consider going through related posts: The future of mobile malware - digitally signed by Symbian?; Transmitter.C mobile malware spreading in the wild; New Symbian-based mobile worm circulating in the wild; New mobile malware silently transfers account credit
Despite the clear commercial interest in releasing such applications, last month US-CERT warned on the public release of the first free BlackBerry spying application (PhoneSnoop) released by Sheran Gunasekera at this year’s HITBSecConf 2009.
It its current form, Mobile Spy acts and hides like a malware would, however, the day when the vendor starts playing a “cat and mouse” game with antivirus vendors by systematically obfuscating its releases — like cybercriminals do in order to evade detection — it would officially join the mobile malware market segment.
