Source: CNet
Complete item
Description:
Be careful who you give your mobile phone number out to. An attacker with the right toolkits and skill could hijack your phone remotely just by sending SMS messages to it, according to mobile security firm Trust Digital.
In what it calls a "Midnight Raid Attack" because it would be most effective when a victim is asleep, an attacker could send a text message to a phone that would automatically start up a Web browser and direct the phone to a malicious Web site, said Dan Dearing, vice president of marketing at Trust Digital. The Web site could then download an executable file on the mobile phone that steals data off the phone, he said.
Dearing demonstrates how this can be done in a video on YouTube.
In another type of attack, an attacker could hijack a phone by sending a type of SMS message called a control message over the GSM network to a victim's phone that is using a Wi-Fi network and then use special toolkits to sniff the Wifi traffic looking for the victim's e-mail log-in information. This attack is explained in another YouTube video.
While the attacks at this point are proof-of-concepts, they could be done if someone has the requisite knowledge and toolkits, said Dearing. Trust Digital recently announced software called EMM 8.0 that can help organizations protect employee phones from these types of attacks, he said.
"This is a completely real threat," said Philippe Winthrop, a director in the global wireless practice at Strategy Analytics. "We will see these attacks. It's a matter of time."
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uP5iNi99xoFPMu-EagDahekGnPOsAclXeBfr0pj0Cyxtc5EF9BKhUtjE6csP0CBgN3XEKvY3NuSECqPrkg_jMpbuvli7C4wGvl_GdZMhXzL25IO7WZ7gLnHeThuR1jb3Vidtl6didbbJ2gfaL14bQ=s0-d)
be entertained
THIS HAPPENED TO BOTH ME AND MY GIRLFRIEND EARLIER THIS MONTH (APRIL '09) IN VANCOUVER, WASHINGTON! DRUGGIES FROM CAMAS, WASHINGTON COMPROMISED MY YAHOO & MYSPACE ACCOUNTS AS WELL AS OUR CELLPHONES. THEY INTRODUCED SPYBOTS, IBOTS, AND NETBOTS TO MY PC AND DID A MIDNIGHT RAID ON OUR CELLPHONES CAPTURING ALL THE ADDRESSES ON OUR SIMCARDS. THEY TURNED OFF ENCRYPTION FEATURES ON BOTH THE CELLPHONES AND THE PCS, BROKE INTO MY HOUSE AND CHANGED SETTINGS ON THE PC, TURNED OFF FIREWALLS AND VIRUS PROTECTION. ALL OF THIS IS DRUG RELATED WHICH PEOPLE HAVE REPORTED TO AUTHORITIES NUMEROUS TIMES.