"x undercover" real-time monitoring of cell phone calls is actually a mobile virus

National Computer virus Emergency Treatment Center is a special discovery, collection in China's popular computer, mobile phone virus, and the virus anatomy, analysis of the organization, its weekly report of a virus monitoring.　　Recently, it intercepted a new variant called "X undercover" cell phone virus, and suggested that the mobile phone user who had already been infected with the variant should immediately upgrade the anti-virus software in the handset and carry out a full antivirus. What is "x undercover"?　　What's the harm?　　Online Hawking "x Undercover" "x Undercover" the official virus name is Flexispy, online has a so-called flexispy "China General Agent" website. According to the website, the developer of the software is a Thai company specially installed on smartphones to secretly send communications and text messages to designated email accounts.　　A total of four products sold online, according to the function of different prices from 980 to 2980 yuan. The reporter and the website provides a customer service QQ number to obtain the contact, the other side said that can see the phone and SMS use records sold 980 yuan, the relevant records will be placed on a website, users by user name and password can be viewed, if you want real-time monitoring of the other calls, to buy a 1980-dollar enhanced version. There is also a 2980-dollar commercial version, in addition to real-time monitoring, but also can locate 5 mobile phone specific location. If you want to buy, confirm the version to be ordered, and submit a mailbox, the other side will call a remittance account.　　When the money is received, the installer for the related software is sent to the mailbox.　　The experimenter said: "x undercover" can really monitor real time. Liu is a beijing-based mobile security technician who used the "x undercover" software in his lab. First of all, to install this software to the phone you want to monitor (a mobile phone), the program is not large, only 300 k, can be transmitted via Bluetooth or MMS. After the installation is successful, the system will prompt you to enter the mobile phone number (b mobile phone) used for monitoring, after entering the number, the installation process is over, not 5 minutes before and after. "In the course of the experiment, Liu asked an assistant to hold a mobile phone to a room next to him, holding a B cell phone in the lab.　　Later, he asked his assistant to use a cell phone to call, after the phone was connected, his B phone in his hands clearly came the voice of the assistant and the other side of the call.　　Liu emphasized two points: first, the software is very subtle, after installation, in a mobile phone screen and the program can not find the relevant records, users are difficult to find; second, if the use of a mobile phone to send text messages, b mobile phone can immediately know the time to send text messages and the number of recipients, but do not know the text message content.　　The principle of "x undercover" is to force the launch of the three-party call. Liu said that the X undercover software mainly exploits the vulnerabilities in the three-party call function of smartphones. The tripartite call is also called multiparty call or conference call, which is based on the call waiting and maintenance of a business.　Three-party calls can simulate the effect of a Live Meeting, first of all to have an organizer, he is responsible for organizing the participants to join, and control the meeting.　For example, customer A as the initiator of the three-party call, first with customer B to establish a call, and let B do not hang the phone; then a normal call to call the customer C, and C call, and then press the call key to achieve customer A, B, C simultaneous calls. A technician at Hangzhou branch, a carrier, said all smartphones have a three-party call function, but they have to go to the appropriate operators to open the business.　　As far as he is aware, many customers will be in the net when the operation of the election. "X undercover work is actually forced to open the infected cell phone three-party call function." In other words, when the infected cell phone is on the phone, the phone used for listening is forced to ' insert ' into the shared call sequence, as if we were sitting together for a meeting. So as long as the listener does not make a sound, the other two parties will not be aware of. As for the text, the phone installed with the X undercover software is the equivalent of the default to open the SMS distribution function, the main machine to send and receive information record synchronization ' CC ' A to monitor mobile phone.　　"Liu said. Alleged infringement of citizen's freedom of communication and privacy Zhejiang Ying PU law firm Lee Lawyer said that the Constitution expressly stipulates: The People's Republic of China's citizens of the freedom of communication and communication secrets are protected by law.　　No organization or individual may infringe upon the freedom of communication and communication secrets of a citizen for any reason other than the inspection of communications by the public security organ or the procuratorial organ in accordance with the procedures prescribed by law, except as a result of national security or the need to pursue criminal offences. Lawyer Li believes that first, the X undercover software itself should be defined as spy equipment, the seller to "eavesdrop on other people's information," such as bait to defraud users to buy, which has violated the relevant provisions of the Penal Code; second, buyers buy, on the other person's mobile phone installation, so as to achieve the purpose of monitoring,　　This is also alleged to infringe upon citizens ' freedom of communication and privacy.　　News Accessories News Accessories How many kinds of virus are there?　　How much harm is there? Beijing Network Qin World Technology Co., Ltd. ("NetQin") is the world's largest mobile security service leading manufacturer, has now more than 200 countries and regions around the world to provide mobile security services for more than 70 million users.　　Company staff Liu Jingjing said, in addition to x undercover and other types of privacy theft virus, mobile phone viruses can be divided into account theft category, malicious deduction and functional categories of three kinds of damage. Account Theft class Case: CCTV weekly quality report reported last month, a Beijing company staff Kim in the use of mobile phone login QQ, found that the phone network hint password error. Tried a few times, Jin found still not in the login.　　A mobile phone Security Research Institute in Beijing, technical personnel after testing told Kim, mobile phone in a call "QQ thief Horn" mobile virus, this is a special steal mobile phone users qq password virus. Liu Jingjing said, this kind of virus often disguised as some mobile phone commonly used software, such as QQ some auxiliary game software, a lot of users online download, it infected the virus. The virus starts automatically in the background, automatically listens for and steals user-related accounts and passwords, andSent externally. They have experimented with downloading and installing a stolen virus called "end-level thieves" on their mobile phones, and then made a phone-shopping trip online.　　Just a few seconds after the experimenter entered the account password, the technician was given two text messages, clearly showing the account number and password that were logged in. Malicious deduction of the case: Xinxiang, Henan Province, the mobile phone users Mr. Li did not send text messages, the bill of fare has sent a note of the deduction record.　　Professional in Mr. Lee's mobile phone after a careful examination found that a mobile phone in a phone box called the application software, hiding an insignificant small plug-ins, this small plug-in is actually a mobile phone virus. Liu Jingjing said, malicious debit virus can also be divided into two types, one is the consumption of Internet traffic type, one is malicious deduction charges. For example, 2009 popular "MMS Skull" mobile virus, will give smartphone users to send a link to the MMS, as long as the user points to this link, the mobile phone will continue to send out MMS, resulting in the waste of user charges. In order to increase the user's poisoning probability, mobile phone hackers often use some of the seductive language of text messages or MMS, luring mobile phone users to actively click.　　Users should pay special attention if they find their mobile phone spending a lot of money in a short time. Functional destruction cases: including the Philippines, Finland and other countries have a large area of the outbreak of a worm called Cabir. The virus is rapidly flooding the phone with Bluetooth installed.　　Although it is not very destructive, but once the phone is infected, it will continue to try to spread the virus through Bluetooth to other mobile phones, so that cell phone batteries quickly consumed. In recent years, Liu Jingjing said, the only virus that only destroys a certain function of a cell phone has been rare, because it does not produce economic benefits. More of the situation is combined with the above several viruses to spread.