Smartphone security follies: A brief history

The dangers were hammered home last week when the Android Police blog revealed that a vulnerability in the Skype Android application could allow hackers to swipe users' email addresses, contact lists and chat logs.

As smartphones have grown more powerful and complex, so have the threats against them.

This has become especially true as smartphones have evolved from tightly controlled enterprise-centric devices such as Research in Motion's BlackBerry series to consumer-oriented devices such as Android that run on open-source operating systems. These dangers were further hammered home last week when the Android Police blog revealed that a vulnerability in the Skype Android application could allow hackers to swipe users' email addresses, contact lists and chat logs.

LATEST THREAT: Skype for Android leaks user data

With this in mind, we thought it would be a good time to go over some of the highest-profile smartphone security follies of the past few years, whether they came in the form of application vulnerabilities or applications embedded with malicious code. As we go through the years, you'll see that threats to mobile devices have not only become more prevalent but also more complicated.

August 2006: Researcher creates first-ever BlackBerry Trojan

RIM made its name by developing well-engineered mobile devices that could securely deliver corporate email by routing it through the company's own network operations center. In 2006, however, security researcher Jesse D'Aguanno began poking holes in RIM's Teflon by creating the world's first piece of Trojan malware for BlackBerry devices. Demonstrating his creation at the Defcon hacker conference, D'Aguanno showed how he embedded the malware into a harmless-looking tic-tac-toe game download. Once the game was downloaded onto the device, the malware worked with a separate piece of code, called BBProxy, to launch attacks on enterprise networks.

D'Aguanno said he created the Trojan to serve as a heads-up to both RIM and BlackBerry users that they should be more alert to the potential dangers that lurk for mobile devices. Over the past five years, events have proven D'Aguanno's concerns to be accurate.

January 2009: RIM patches PDF vulnerability

Seeing how important PDF files are in the corporate world, RIM would have been negligent if it didn't incorporate them into its BlackBerry devices. Even so, the successful integration of PDFs into RIM devices and its BlackBerry Enterprise Server wasn't headache-free.

In 2009 RIM announced that "multiple security vulnerabilities" existed in some versions of the enterprise servers' PDF distiller that were released as part of its BlackBerry Attachment Service. The vulnerabilities could allow hackers to send users emails containing a "specifically crafted PDF file" that could cause memory corruption and "possibly lead to arbitrary code execution" of the computer hosting the attachment service.

November 2009: iPhone users get Rick Rolled

Stealing peoples' personal information is one thing -- but what sort of monster subjects unsuspecting iPhone users to the horrors of Rick Astley?

That's precisely what happened in late 2009, when the first-ever iPhone worm began forcibly changing users' iPhone wallpaper to a picture of much-loathed '80s singer Rick Astley. The worm was mostly a harmless prank written by an unemployed Australian programmer, but it was a sign of more sophisticated and dangerous iPhone worms to come.

November 2009: iPhone worm goes after banking codes

It only took two weeks for a copycat hacker to use the formula revealed by the "Rick Roll" worm to create a more malicious piece of code to build a botnet used for stealing data such as online banking credentials. The worm was apparently created by Dutch hackers and used a command-and-control strategy that is frequently used in PC-based botnets to steal data from infected devices. The worm only struck jailbroken iPhones, however, so the majority of iPhone users were not at risk.

Join the PC World newsletter!

Error: Please check your email address.

Tags consumer electronicsskypesecurityNetworkingPhonessmartphoneswirelessSkype Android leakanti-malware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Brad Reed

Network World

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?