App that can steal money from mobiles uncovered

Monday, 14 May 2012 00:00 - - {{hitsCtrl.values.hits}}

A smartphone application that is capable of transferring prepaid phone credit without the phone user’s authorisation or knowledge has been discovered by the Network Security Group at the American University of Beirut (AUB).

Once installed, the app, which maquerades as a benign messaging app, starts sending and intercepting SMS messages, causing unauthorised credit transfers to another phone number without being detected. “The potential impact of the app is in the loss of millions of dollars from the accounts of phone subscribers,” said Imad ElHajj, one of the researchers and professor of electrical and computer engineering at AUB. “The vulnerability exists on most smartphone operating systems, and affects many operators in the region, including the two operators in Lebanon who were informed about this vulnerability.”

A prototype application was demonstrated on a Samsung smartphone running the Android 2.3 operating system over both mobile network operators in Lebanon. The malware was not detected by any virus detection tools, and could be published on Google’s Play Store. This vulnerability was discovered by the group as part of a research project funded by TELUS Corporation, Canada. (Itp.net)

Discover Kapruka, the leading online shopping platform in Sri Lanka, where you can conveniently send Gifts and Flowers to your loved ones for any event including Valentine ’s Day. Explore a wide range of popular Shopping Categories on Kapruka, including Toys, Groceries, Electronics, Birthday Cakes, Fruits, Chocolates, Flower Bouquets, Clothing, Watches, Lingerie, Gift Sets and Jewellery. Also if you’re interested in selling with Kapruka, Partner Central by Kapruka is the best solution to start with. Moreover, through Kapruka Global Shop, you can also enjoy the convenience of purchasing products from renowned platforms like Amazon and eBay and have them delivered to Sri Lanka.