BlackBerry malware Attack Risk User Address book can be stolen
Source: Internet
Author: User
KeywordsBlackBerry user installation attack target
Beijing time February 8 morning news, according to foreign media reported today, Veracode Research Laboratory senior researcher Thelles Chilz (Tyler Shields) has written a number of malicious software for the BlackBerry, can illegally obtain user contacts and Inbox text messages. After being attacked by malware, an attacker simply sends a text message to the user's BlackBerry and sends a text message from the phone's address book and Inbox to any e-mail. In addition, through malware, an attacker can even view all of the user's phone records, monitor all messages received, use GPS to track the user's location in real time, or turn on the phone microphone to monitor the sounds around them. "This is a test that uses the application interface (API) provided by the handset manufacturer to write such code," says Shields. "He called the project" Txsbbspy "and released the source code for the malware, but the code was not executable. "My goal is to demonstrate how easy it is to make mobile malware," he said. He also said that Txsbbspy "can get data from mobile phones, including real-time data and snapshot data, sent via SMS or email to a Web server, or via TCP or UDP connections." However, these attacks are initiated on the premise that the malware has been installed on the user's BlackBerry. This can be done by sending an email or text message with a web link to an attack target, and it can also be hidden behind the legitimate software of the mobile App Store. BlackBerry has a strong security mechanism to deal with various types of attacks. For example, a user can set what specific data a particular application can obtain. But many smartphone users are not aware of the security risks of their phones or the seriousness of the risks. Trend Technology A survey started last August showed that only 23% of smartphone users have security software installed. Shields said mobile app stores should also take more steps to enhance security. The user should not click the "I trust this app" button on the phone because it will allow the application to get all of the user's personal information. (D-Gold)
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
