Researchers have discovered a security vulnerability to smartphones running Google’s Android mobile operating system that could allow attackers to take full control of the user’s contacts and messages. Moreover it can also track the user’s location by integrating with cell tower of a telecom company.
Authentic Android applications are cryptographically marked to ensure they cannot be modified by parties other than the trusted developer. Hackers exploit the susceptibility can modify app code without changing the verification signature. This defect was present since the release of Android 1.6.
The malware can read the system files of the device as well as app data like e-mails, SMS etc. Moreover, it can also retrieve all stored account & service passwords. The most annoying part is that it can make arbitrary phone calls and send arbitrary SMS messages at the wish of the malware’s operator. It can turn on the camera and record calls. The hacker can take advantage of the always-on, always-connected nature of these mobile devices.
One of the victim’s was observed to be sent a corrupted version of Kakao Talk, which is a mobile messaging app for Android. It was sent via an e-mail that appeared to be coming from an authentic contact. The app was so designed to periodically combine the user’s contacts and sms accounts into a file called “info.txt” that was sent to a remote server camouflaged as Baidu, the Chinese search engine. And when the malware’s operator sent a certain code to the infected phone via text message, it was designed to hide that text message and invisibly respond to information related to the mobile network.