Music is a Turn-On for Malware

Készült: 2013. június 04
Nyomtatás

We’ve all heard a really annoying song on the radio on the way to the supermarket and then are shocked and ashamed to find ourselves humming the tune while perusing the frozen foods isle. All it takes then is for a fellow shopper to overhear your rendition of that eighties rock classic and before you know it the tune has infected their brain, and so on and so on. All this sounds very much like a virus, spreading from one computer/human to another leaving infection as it travels, if only Symantec did an anti-Irritating eighties rock product!

All joking aside, malware that can spread or receive commands through sound seems like something out of a far-fetched sci-fi movie right? Not according to researchers at the University of Alabama at Birmingham (UAB) who have recently released a paper entitled Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices. The paper examines how malware on mobile devices can be activated and controlled using non-Internet channels such as sound, light, magnetic fields, and vibration. Traditional means of controlling malware rely on network-based channels, such as a TCP/IP based channel, that are easily detected and blocked by firewalls and antimalware products, whereas the methods put forward by the UAB researchers would be extremely difficult, if not impossible, to detect.

Mobile devices, such as smartphones and tablets, now include an array of sensors including cameras, microphones, accelerometers, and magnetic field sensors. While these tools were originally included for obvious reasons, like taking pictures and recording your voice, they have since been adopted by application developers to achieve many more things beyond their original function. For example, there are apps that can use the camera on your phone to measure your pulse and others that can use the accelerometer to help detect earthquakes. The ubiquitous nature of mobile devices and their built-in sensors creates plenty of opportunities for attackers according to the UAB researchers, and it is these opportunities that they discuss in detail in their report, going as far as building a proof-of-concept Android app to demonstrate some of their ideas.

The researchers placed their malware, which was designed to remain dormant until activated by certain signals, on an Android phone. They then activated the malware in a busy hallway using music coming from a source 55 feet away. They also successfully activated the malware using music videos, lighting from a television and also an overhead light, magnetic fields, and vibrations from a subwoofer.

This attack method would enable attackers to carry out localized targeted attacks including:

  • Distributed denial-of-service (DDoS) attacks – e.g. using devices at a specific location to bring down a WiFi network
  • Annoyance attacks – e.g. causing all devices at a conference to start playing music or call each other
  • Embarrassment attacks – e.g. displaying embarrassing content on devices
  • Safety hazards – e.g. devices being activated while users are driving
  • Interference attacks – e.g. devices being activated in a hospital in order to interfere with medical equipment
  • Distraction attacks – e.g. devices playing music or ringing in order to distract users from certain actions

While the researchers admit that this type of attack is highly sophisticated and difficult to carry out at present, it will only become easier to accomplish as technology improves. It is for this reason that they believe this type of research is important as it will help the security industry and device manufacturers to stay one step ahead of the bad guys.

The type of hypothetical attack discussed by the researchers relies on the malware getting onto the device through conventional methods, and it is the way in which the attackers communicate with the threat that is different i.e. using unconventional channels. While this research is indeed interesting, embedding hidden signals inside sounds or other broadcasts is just another form of steganography. Regardless, devices running Symantec products would detect the presence and behavior of the malware, irrespective of the means in which it receives its communication.

Source: Symantec

 

Hozzászólások

Hacktivity 2014

Események

Nincs esemény létrehozva még.

mySec talk #7 (ITBN)

Hang alapú hitelesítésre lenne szükségük a hangvezérlésre építő technológiáknak

  Egyre több eszközön van lehetőség a hangvezérlés alapú technológia használatára, azonban a felhasználói h

Hogyan távolíthatjuk el a személyes információkat digitális fotóinkból?

Az ikonikus „Helyzetirányító szoba” fotót, amelyet a Fehér Házban készítettek, mostanra már több mint 2,5

Önmegsemmisítő Facebook- és Twitter-üzeneteket és fotókat kínál a Dstrux

Egy cég, amely az üzleti dokumentumok biztonságba helyezésével foglalkozik, egy „Mission: Impossible” jellegű ö

Megúszta a Gyík Osztag tagja, aki 50 700 rendbeli kiberbűncselekményt követett el

Nem kerül végül rács mögé az a 17 éves bűnöző, aki a hírhedt hackercsapat, a Lizard Squad oszlopos tagja. Juliu

CEO vs. CISO, avagy a biztonság két szemüvegen keresztül

A vállalatok igazgatói továbbra is nagyon eltérően tekintenek a kockázatokra és a védelmi teendőkre, mint a biztonsági v

Alig egy hét múlva Hacktivity

Október 21–22-én, immáron 13. alkalommal gyűlnek össze az etikus

Az Index.hu újságírója lett az „Év információbiztonsági újságírója”

A Hétpecsét Információbiztonsági Egyesület 2006-ban alap&iac

Boldog Új Évet Kívánunk! - 2016.

Az Antivirus.blog nevében Minden Kedves Olvasónknak Egészségben, siker

Ez történt 2015-ben

Nem volt eseménytelen esztendő a 2015. - sem. A legizgalmasabb incidense

mySec Információ

Cron Job Starts