28 March 2012
Users of smartphones should safeguard their data against a new breed of applications that allow hackers to infiltrate some vulnerable handsets.
The warning comes from an analysis of three new ‘phone picking’ apps that enable smartphone tracking and hacking. The research was revealed by E&T magazine, published by the Institution of Engineering and Technology (IET).
Wi-Fi analysis apps such as ‘SharkforRoot’ (Android), ‘SubNetInsight’ (iOS) and ‘Fing’ (Android and iOS), can enable hackers to walk into a premises and penetrate-test the Wi-Fi network from inside the network’s perimeter. It is also possible to use interrogative apps to explore other devices hooked-up to a public access Wi-Fi network. E&T’s research also reveals how these apps can enable users to interrogate a fellow shopper’s handset in a shopping centre.
Although these apps can be downloaded and legally purchased and installed, using them in the UK could contravene the UK Computer Misuse Act, E&T suggests.
“The use of these Prosumer Interrogative Network apps raises a number of concerns about the development of the smartphone apps market,” says E&T Technology Editor James Hayes. “Users should realise that even though they may think their data is safely held on their handsets the technology now exists for people located close to them in public places and elsewhere to infiltrate their devices and access data, or monitor what they are using their devices for.”
There are also hacking techniques that can create a ‘wireless honeypot’. By using an app such as ‘SharkforRoot’, a hacker can collect all manner of users’ credentials.
While creating a ‘wireless honeypot’ is an offence under the Computer Misuse Act (CMA) 1990, the use of an interrogative Wi-Fi app is not. This is because the Act was written long before the arrival of smartphones and tablet PCs, and the legalities around this emerging technology have yet to be tested.
The issues raised by these controversial apps are examined in detail in the April 2012 issue of E&T magazine, published in print and online at www.EandTmagazine.com