It looks like mobile malware authors may be moving into the kernel. Software that operates in the kernel has access to the entire system. Hidden, undocumented functions can provide untraceable access to the filesystem. Rootkits are generally used to hide the presence of other malicious software or activity.
Recently, an independent security research group released a number of ROM images(colloquially “ROMs”) from various Symbian phones. Their goal was to encourage vulnerability research on mobile phones.
The risk is not that these researchers have published the ROMs. Any one who owns a Symbian phone can, with publicly available tools, extract their own ROM image. The real risk arises from the nearly 600 KB of analysis and research guidelines they have provided.
The current situation is that malware authors are limited to user space. All current mobile malware has been created either with the publicly available SDKs or cobbled together from other malware. Essentially, most of the trouble so far is caused by applications. Malicious applications, but still only applications not system software.
Info on mobile phone antivirus, anti-malware software and commentary on mobile security.
Tuesday, June 06, 2006
Fun with ROMS
From Mcafee Avert Labs Blog:
Subscribe to:
Posts (Atom)
Auto "Kill Switch", solving the wrong problem?
Consumer Watchdog, a consumer advocacy group, put out a report on the dangers of Internet connected cars. They received coverage on the nigh...
-
Consumer Watchdog, a consumer advocacy group, put out a report on the dangers of Internet connected cars. They received coverage on the nigh...
-
A number of factors drive malware on new platforms. The chance for pure discovery and experimentation, the desire to be the first, a need to...