Rutgers Study Roots Smartphones

pic2-37Computer science researchers at Rutgers University are demonstrating that modern smartphones can be overtaken by a serious kind of malware previously only associated with regular computers. "Rootkits"--malware systems that target the operating system and remain undetected--could become a serious security threat to the rapidly expanding smartphone market.

According to Rutgers,

In one test, the researchers showed how a rootkit could turn on a phone’s microphone without the owner knowing it happened. In such a case, an attacker would send an invisible text message to the infected phone telling it to place a call and turn on the microphone, such as when the phone’s owner is in a meeting and the attacker wants to eavesdrop.

In another test, they demonstrated a rootkit that responds to a text query for the phone’s location as furnished by its GPS receiver. This would enable an attacker to track the owner’s whereabouts. Finally, they showed a rootkit turning on power-hungry capabilities, such as the Bluetooth radio and GPS receiver to quickly drain the battery. An owner expecting remaining battery life would instead find the phone dead.

The researchers suggest that developing defenses which can monitor and detect this kind of malware would be the next step for smartphone security.