Mobile phone sensors such as microphones, accelerometers and cameras might be used to initiate a malware outbreak on smartphones, according to researchers at the University of Alabama at Birmingham.
Fear not – it`s not the end of the digital world, but rather a what-if scenario to prepare the user for the next generation of mobile malware that circumvents the limitations of TCP/IP communications and evades intrusion detection mechanisms.
According to the researchers, the mobile phone`s sensor peripherals could be used for out-of-band communication to receive a trigger message that activates dormant bots on devices within range. Of course, in order for the communication to succeed, malware needs to be planted in advance via old-fashioned mechanisms (such as downloading apps via official or unofficial markets, social engineering attacks or platform exploitation).
“Unlike the traditional command and control communication over a centralized infrastructure (such as a cellular network), out-of-band communication is very hard to detect and even harder to prevent infected mobile bots,” claims the paper.
While the assumptions are interesting, the researchers left out a serious part of the business: the communication channel between the bot and the mothership. Modern malware is highly dependent on two-way communication, so if you`re planning to actually steal data, you`ll still need to send it via the Internet.
tags
Bogdan is living his second childhood at Bitdefender as director of threat research.
View all postsApril 01, 2024
November 28, 2023
August 10, 2023