Security experts: It's not easy to hack mobile phones

A Tacoma, Washington, family is claiming the mobile phones it uses have been taken over by hackers, who are turning them on at will, capturing conversations and manipulating the mobile phone camera.

The story of the Kuykendall family, as reported in the Tacoma News Tribune last week, seems an unlikely one, with tales of how they believe their cell phones, as well as those owned by other families, have been taken over and cell-phone cameras mysteriously turned on and off. While the mystery of the Kuykendall family's cell-phone experience isn't fully explained, people are wondering whether such events are even possible. Security experts say yes -- but still in the realm of the unlikely.

Security experts from IBM, McAfee and Symantec all agree that mobile phones of virtually any type can be broken into and maliciously controlled, though it takes a high degree of sophistication to do it.

"It's definitely possible but still something that is limited to a very sophisticated attacker," says Neel Mehta, team lead in the advanced research group at IBM's Internet Security Systems Division.

Mehta said malicious code to take over the phone could be sent to the intended victim in the guide of a picture or audio clip. Once the victim clicked on it, however, the malware to control the phone would be installed. Many in the industry refer to this as "snoopware."

This type of cell phone hijacking, enabling the attacker to manipulate the microphone and camera, remains "a very rare occurrence in the field," said Paul Miller, managing director of mobile security at Symantec.

However, he noted that J2EE-styled malware such as the "Red Browser" for sending SMS messages, believed to have originated in Russia, is known to exist, and has been used typically to defraud the victim, particular in Europe. He added the number of viruses targeting smart phones and feature-based cell phones remains low, roughly one in the mobile realm for every 500 viruses targeting PCs, he noted.

Miller also pointed out that there are 'spouse-monitoring tools" that can be obtained on the Internet to snoop on phone use, and some pure hacker varieties of this are starting to appear as well.

McAfee had a similar perspective on hijacking of cell phones, whether feature-added voice phones with cameras or the newer breed of computer-based smartphones, agreeing it can happen but appears to be a rare occurrence.

"People aren't expecting any trouble with mobile phones and in general, it's been a safe tool," says Jan Volzke, senior manager in mobile security at McAfee. But having your cell phone hacked "is possible though unlikely."

Volzke said the ways this might be done would depend on someone deliberately tampering with the cell phone by gaining physical access to it, or possibly tricking the cell phone user into downloading of malicious software through Bluetooth infrared or other means.

Once installed, that Trojan, acting like a small application, would let the attacker remotely control the phone and its features, such as cameras and microphones.

However, Volzke added this kind of attack remains highly unusual and is regarded as likely targeted at the specific individual using the cell phone rather than a mass attack against an entire cell-phone population base.

A Verizon Wireless spokesman said the situation concerning the Kuykendall family, couldn't occur on a CDMA wireless network. Jeffrey Nelson, executive director corporate communications for the carrier, based in Basking Ridge, N.J., says: "As any responsible wireless service provider should, we're investigating to best understand what may have happened in this particular situation, and whether it's even theoretically possible. At this point, we don't believe our customers are in any way vulnerable to the kind of remote hacking you describe."

Yet Nelson declined to give any explanation of why Verizon thinks that. And in response to a request for a technical expert to explain it, he emailed back: "sorry, don't have anybody."

Network World Senior Editor John Cox contributed to this story.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

Network World
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?