As we use our smartphones more and more, they now include nearly all the functions that we have on our personal computers. There are many viruses affecting smartphones, even though they pale in comparison to the amount and malice of viruses on platforms such as Microsoft Windows.
But now hackers are selling malware via dark web black markets that can exploit the inherent security weaknesses on PCs to break their way in to smartphones and other connected devices.
Desktop back door
In a high-tech society, financial institutions, email providers, social media, and many other online services send special confirmation codes to our cell phones. The purpose is to add an additional layer of security and ensure that only the rightful owner can gain access to their private accounts. This "out-of-band" authentication is definitely a step in the right direction, but hackers have already figured out a number of ways to defeat this safety measure.
The dark web holds many secrets and one of them – perhaps common sense to some – is that there may be ways to control your phone from your computer. If you have a smartphone, you should have an account to use some of its features: Apple Store for iPhones, Google Play for Android devices, and Windows Phone Store for Windows phones.
What is the dark web
The dark web is a section of the internet that is not indexed by search engines such as Google and not easily navigated to using a standard web browser.
Accessing the dark web requires specialised knowledge and software tools. An example of this is content only accessible by using the Tor software and anonymity network, which while protecting privacy, is often associated with illicit activities.
Generally not purposefully hidden, this part of the internet is not accessible without a known address or access details. Standard browsers can access deep websites. Typically not indexed by search engines such as Google.
Looking at a training video distributed by a hacker, which promotes his malicious software (a botnet control centre), I observed the ease with which smartphone data is obtained and abused through a Google account. The hacker is hoping that a computer infected with his virus has a Google login that in turn corresponds to a Google Play account.
Setting his trap in multiple languages (adapting to the language of the victim's computer), in a muted video, the hacker types his narration in his native Russian language, explaining the setup. A virus on a computer is stealing Google log-in information as a user is hoaxed into entering additional private data.
The hacker brags how detailed the stolen data can be. Once account access is obtained, the virus starts operating on its own, asking its malevolent questions. First, is this Google account associated with a phone number? Next, is it a smartphone? Then, is it active? What country and phone type is it? And so much more.
The virus even asks permission to use certain device resources like GPS, camera, address book, and others, all of which can be controlled via the computer when installing an application from Google Play.
Now, the hacker explains, partial or full phone control can be gained and, if additional authentication is needed, the user can be goaded into providing such information. SMS messages can be intercepted and even created. Malicious apps can be pushed not only to the device, but also distributed via SMS to the entire address book.
When a virus is roaming free on your computer stealing your credentials to gain access to your accounts and abuse them, the most commonly used website safety feature is to send a confirmation text message to your phone. But since the virus has access to your SMS, it is not much of a deterrent to the hacker.
Watching this video, I shudder at the thought that with one wrong click a virus like this would not only take over my computer, but will slowly take over my phone, tablet, and even gain access to make purchases with credit cards associated with these devices. The contents of these devices can be backed up by the hacker and abused. Like certain types of ransomware, devices can even be locked or fully erased.
What does this all mean? The ease-of-use of technology has created a bond where the line between a personal computer and phone is being erased. Portability is now simple and extremely useful. But that's not all, this type of functionality may be distributed further into your everyday life. Your smart devices, like home appliances, watches, and even cars can all have internet connectivity.
With the compromise of a single device, a chain reaction can be triggered and hackers can access all your connected devices. For example, a compromised Apple ID may lead to theft of data from your iPhone, iPad, iPod, Apple TV, Mac or iCloud.
Hackers have been able to zero-in on these weaknesses and right now the black market is full of competing products to target many related devices stolen from a single compromise. All of them provide "easy and reliable" ways to defraud, abuse, and otherwise disparage these features in technologies.
So, are we hopeless? Not at all. There are ways to be more vigilant about your smart devices. You can track and get notifications of any changes. Hackers thrive on less informed computer users. Some of their fake prompts have grammatical errors, others ask you for unreasonable personal information. Overall, there can clear indicators that your devices have been compromised.
In order to drive a car, we are required to pass a driving test to ensure that we are not going to be a hazard to ourselves or others while on the road. Unfortunately, we do not require a licence to compute, but it would be rather useful to have a duty to learn about the technologies to which we are entrusting our most sensitive information.
Alex Holden is the founder of Hold Security and one of the world's most renowned dark web consultants. Visit www.holdsecurity.com for more info on Alex and his company.