Gaining access to the private data on your smartphone doesn’t always involve you downloading a malware app or, in fact, doing anything at all. Matthew Solnik, who works at security firm Accuvant Inc., claims he can take total control of a smartphone from 30 feet away. He can read emails, take photos or videos with the phone, or install apps.
With the help of a fake cell tower device that costs under $1000, Solnik says, “anything [hackers] choose to do, they can,” all without notifying the user or the cellular network provider.
Solnik will present his research at this week’s Black Hat security conference in Las Vegas, and he will not be alone in presenting mobile security attacks. A researcher from Bluebox Labs will present the Fake ID bug he discovered in Google’s Android mobile operating system (see our previous blog post), and Georgia Institute of Technology students will present new methods for assuming control of Apple’s iPhone.
Most consumers are unaware of the security threats posed by carrying a tiny computer around in their pocket, especially one that contains so much sensitive information and is nearly always connected to the Internet.
As mobile security continues to become a more pressing issue for smartphone makers, phone companies, and consumers, it will be exciting to watch the development of new tools and techniques to protect the unassuming smartphone user from privacy-invading hackers.
Source: Wall Street Journal [link via Google]