Bugs in-not-on the Mobile Windshield
These days, our smart phone is literally our life. Everything we need (or think we need) is in it. Everything we want to know or do can be done with it.
Of course, it is also a great way for the bad guys to get to you. You may think you are downloading a “clean app” only to find it’s infected as last month’s news about the 25 million android phones infected with a whatsapp malware illustrates.
But in some cases, even if you are extra careful about downloading apps, your phone may already be infected. The reason is that the smartphone you buy may already have 100 to 400 preinstalled apps that were selected by the phone manufacturer. As noted in a BlackHat presentation, these preinstalled apps have become a target of hackers because its a great way to distribute their malware as far and as fast as possible. What can this malware do? It could provide a means for remote access, key-logging or activity monitoring for starters. Not necessarily what you want when your whole life revolves around your phone.
One key point is that hackers are not just focusing on the end-user, they are focused on embedding their malware through the supply chain, knowing that ultimately it will wind up with the target they are after. Companies have to thoroughly vet the secure of the technologies they are using to build products and services for their customers.
And, of course, with smartphone users, practice good mobile hygiene by periodically pruning the apps you have on your phone, running anti-virus software (certainly for Android phones), keep the operating system up-to-date, use a password manager and VPN service when you are on the road. And, like the airplane pre-flight instructions say, take care of your own phone first (but then) assist others — like with your children and their phones.