• Tag Archives mobile phone
  • Cell phone Users can be Secretly tracked Across the globe thanks to SS7 Tracking System

    Since we are living in an era of Mass surveillance conducted by Government as well as private sector industries, and with the boom in surveillance technology, we should be much worried about our privacy.
    According to the companies that create surveillance solutions for law enforcement and intelligence agencies, the surveillance tools are only for governments. But, reality is much more disappointing. These surveillance industries are so poorly regulated and exceedingly secretive that their tools can easily make their way into the hands of repressive organizations.
    Private surveillance vendors sell surveillance tools to governments around the world, that allows cellular networks to collect records about users in an effort to offer substantial cellular service to the agencies. Wherever the user is, it pinpoint the target’s location to keep every track of users who own a cellphone — here or abroad.
    We ourselves give them an open invitation as we all have sensors in our pockets that track our every move wherever we go.
    WHAT WENT WRONG
    The tracking technology takes advantage of the SS7, a global network, which is unfortunately vulnerable.
    SS7 or Signaling System Number 7 is a protocol suite used by most telecommunications operators throughout the world to communicate with one another when directing calls, texts and Internet data. It allows cell phone carriers to collect location information from cell phone towers and share it with each other. A United States carrier will find its customer, no matter if he or she travels to any other country.
    The Washington Post published an awesome article on surveillance technology that can track cell phone users anywhere in the world. Surveillance vendors also now have access to SS7, so that their customers can home in on somebody’ locations as precisely as within a couple of city blocks (or in rural areas, a couple of miles).
    These systems are so effective that it can even detect how fast a person on a city street is walking, or the speed a person’s car is traveling!

    The system was built decades ago, when only a few large carriers controlled the bulk of global phone traffic. Now thousands of companies use SS7 to provide services to billions of phones and other mobile devices, security experts say,” explains the post.

    All of these companies have access to the network and can send queries to other companies on the SS7 system, making the entire network more vulnerable to exploitation. Any one of these companies could share its access with others, including makers of surveillance systems.

    SS7 TRACKING SYSTEM PAIRED UP WITH ‘CATCHERS’
    It is believe that dozens of countries have bought or leased this surveillance technology in the last few years. Having a close look at such tools, it has been discovered that some of the companies that sell SS7 tracking system are advising their customers to pair them with “IMSI catchers” or StingRays.
    StingRays are common surveillance devices that allow law enforcement to mimic a cell phone tower, and track users position who connect to it, and sometimes even intercept calls and Internet traffic, send fake texts, install spyware on a phone, and determine precise locations.

    What’s interesting about this story is not that the cell phone system can track your location worldwide,” said Bruce Schneier, a senior security researcher. “That makes sense; the system has to know where you are. What’s interesting about this story is that anyone can do it.”

    Privacy advocates are not only worried by governments getting their hands on these systems, but also about hackers and criminal gangs using it.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • SandroRAT Mobile Phone Android Malware that Disguises as Kaspersky Mobile Security

    Researchers have warned users of Android devices to avoid app downloads from particularly unauthorized sources, since a new and sophisticated piece of malware is targeting Android users through phishing emails.
    The malware, dubbed SandroRAT, is currently being used by cybercriminals to target Android users in Poland via a widely spread email spam campaign that delivers a new variant of an Android remote access tool (RAT).
    The emails masquerade itself as a bank alert that warns users of the malware infection in their mobile device and offers a fake mobile security solution in order to get rid of the malware infection.
    The mobile security solution poses as a Kaspersky Mobile Security, but in real, it is a version of SandroRAT, a remote access tool devised for Android devices, whose source code has been put on sale on underground Hack Forums since December last year.
    A mobile malware researcher at McAfee, Carlos Castillo, detailed the new variant of Android remote access trojan over the weekend. According to the researcher, the package spread via phishing campaign is capable of executing several malicious commands on the infected devices.
    SandroRAT gives the attacker an unrestricted access to sensitive details such as SMS messages, contact lists, call logs, browser history (including banking credentials), and GPS location data stored in Android devices and store all the data in an “adaptive multi-rate file on the SD card” to later upload them to a remote command and control (C&C) server.

    Spam campaigns (via SMS or email) are becoming a very popular way to distribute Android malware, which can steal personal information or even obtain complete control of a device with a tools like SandroRat,” wrote Carlos Castillo. “This attack gains credence with the appearance of a bank offering security solutions against banking malware, a typical behavior of legitimate banks.”

    This new version of SandroRAT also has a self-update feature in it and it can install additional malware through user prompts for such actions. The malware gives the attacker full control over the messages, who can intercept, block and steal incoming messages, as well as insert and delete them.
    It also appears that the attacker can send multimedia messages with specific parameters sent by the C&C server and can also record nearby sounds using the device’s mic.
    Castillo also notes that the SandroRAT variant of malware had decryption capabilities for older releases of Whatsapp messaging app. But, the users running the latest version of Whatsapp in their Android devices are not vulnerable because the developers adopted a stronger encryption scheme.

    This decryption routine will not work with WhatsApp chats encrypted by the latest version of the application because the encryption scheme (crypt7) has been updated to make it stronger (using a unique server salt),” Castillo explained. “WhatsApp users should update the app to the latest version,” he advised.

    Users are advised to avoid application downloads from unauthorized sources, particularly when the app download link is send through an email. Good practice is to always prefer downloading apps from the Google Play Store or other trusted sources.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida