Smartphone Sensors Could be Used to Activate Malware, Research Shows

Mobile phone sensors such as microphones, accelerometers and cameras might be used to initiate a malware outbreak on smartphones, according to researchers at the University of Alabama at Birmingham.

Fear not – it`s not the end of the digital world, but rather a what-if scenario to prepare the user for the next generation of mobile malware that circumvents the limitations of TCP/IP communications and evades intrusion detection mechanisms.

According to the researchers, the mobile phone`s sensor peripherals could be used for out-of-band communication to receive a trigger message that activates dormant bots on devices within range. Of course, in order for the communication to succeed, malware needs to be planted in advance via old-fashioned mechanisms (such as downloading apps via official or unofficial markets, social engineering attacks or platform exploitation).

“Unlike the traditional command and control communication over a centralized infrastructure (such as a cellular network), out-of-band communication is very hard to detect and even harder to prevent infected mobile bots,” claims the paper.

While the assumptions are interesting, the researchers left out a serious part of the business: the communication channel between the bot and the mothership. Modern malware is highly dependent on two-way communication, so if you`re planning to actually steal data, you`ll still need to send it via the Internet.