Your phone's infected, you're not coming in
Security experts have warned that malware writers are increasingly targeting mobile phones as vectors for the propagation of viruses and Trojans into corporate networks.
F-Secure said that it is working on a device that will detect infected mobile phones before they have a chance to spread a virus throughout a business using a wireless technology such as Bluetooth.
"A large company would not want somebody entering their premises with an infected phone because they could easily infect the entire company's phones," said Mikko Hyppönen, chief research officer at F-Secure.
The idea for the device came from an F-Secure honeypot test carried out at the CeBIT fair in Hanover to see how many Bluetooth users were walking around with open connections.
The honeypot at CeBIT used a Linux box the size of an ADSL modem, which contained three Bluetooth radios with a range of 100 metres. F-Secure logged 12,500 unique devices that had Bluetooth enabled and visible.
"We are building this honeypot technology further, and the box is capable of making itself appear like several different mobile phones at the same time," said Hyppönen.
"So it can claim to be a Symbian phone or a Windows Mobile phone and access incoming file transfer and even scan those files for mobile phones viruses."
Hyppönen added that the problem is figuring out who has the infected phone, as it would be hard to find just by the name on the Bluetooth list. "But at least you know someone on your premises has an infected phone," he said.
Security experts have warned that malware writers are increasingly targeting mobile phones as vectors for the propagation of viruses and Trojans into corporate networks.
F-Secure said that it is working on a device that will detect infected mobile phones before they have a chance to spread a virus throughout a business using a wireless technology such as Bluetooth.
"A large company would not want somebody entering their premises with an infected phone because they could easily infect the entire company's phones," said Mikko Hyppönen, chief research officer at F-Secure.
The idea for the device came from an F-Secure honeypot test carried out at the CeBIT fair in Hanover to see how many Bluetooth users were walking around with open connections.
The honeypot at CeBIT used a Linux box the size of an ADSL modem, which contained three Bluetooth radios with a range of 100 metres. F-Secure logged 12,500 unique devices that had Bluetooth enabled and visible.
"We are building this honeypot technology further, and the box is capable of making itself appear like several different mobile phones at the same time," said Hyppönen.
"So it can claim to be a Symbian phone or a Windows Mobile phone and access incoming file transfer and even scan those files for mobile phones viruses."
Hyppönen added that the problem is figuring out who has the infected phone, as it would be hard to find just by the name on the Bluetooth list. "But at least you know someone on your premises has an infected phone," he said.
Share this page
Email this page
Back to Top
Home
Edit Post
0 comments: