Researcher Demos Spy Phone
Since the dawn of the modern smart phone it has been apparent that they can be used to spy on someone. Reviewing cell phone GPS information can track the user’s movements. In addition, if you want to know who calls have been place to or received from a review of the phone’s call logs stores this information.
But in 2009 a new wave of hacking and spying came around, the ability to view the phone's camera lens from a remote location. This was primarily done as a joke (albeit a cruel one) perpetrated by an unknown source. The perpetrator used a loophole in the phone's software to activate the camera and view a live feed of where the camera was pointing. This continued for several weeks and all of a sudden stopped without notice.
Now, however, this is being taken to a whole new level with smartphones. A security researcher has developed a type of non-volatile virus that is purposely placed on your phone. Once this “app” is installed, it then starts to record and transmit everything from physical location to audio and video of what is around the phone, it can even be setup to watch your browsing history or your texting (SMS) chats. This is being hailed as the first eavesdropping spyware of its kind.
Generally, the app would be delivered in the form of a legitimate application (such as Evernote, Facebook or WordsWithFriends) which is downloaded from a third-party source outside of the Google system. The hackers take this legitimate application, insert this extra app, put it all back together and no one is the wiser. It’s when this app is installed that a separate background process is started which installs this spyware.
Do not be too alarmed yet. This particular example was created by a reputable firm who has solved many problems with hacking in its various forms over the years. But it does showcase how vulnerable a smart phone can be when apps are obtained from stores other than Google or Apple. It also emphasizes the need for proper protection using an anti-virus app and/or regular updates.
From a forensics standpoint, the new spyware may give us a clue about what has been taken and where it has gone by monitoring data traffic to and from the phone. This gives our investigators a starting point into determining damage, and if there is enough evidence to prosecute the hacker.
ABOUT THE AUTHOR: Scott Greene, Evidence Solutions, Inc.
For over 30 years, Scott Greene has been helping companies meet the challenges of the swiftly evolving computer technology industry.
Directly from high school, Scott went to work for IBM. Scott studied Systems Engineering at the University of Arizona. He has since earned certifications in many products and programming languages.
The Evidence Solutions team analyzes data from Computers, Cell Phones, Black Boxes, Dispatch Systems, Medical Records, Email systems and more. Scott then explains the digital evidence in plain English.
Scott’s extensive knowledge draws clients to him from all over the United States as well as Internationally for consulting, Forensics and expert witness services. His extensive and diverse experience allows him to be an expert in many facets of digital and electronic evidence. Scott, a sought after speaker and educator, travels throughout the country sharing his knowledge and presenting to local, regional, national and International organizations.
Copyright Evidence Solutions, Inc.
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer.For specific technical or legal advice on the information provided and related topics, please contact the author.
