Story 2014-06-27 3PK "Remote Control Systems" used by law enforcement to root your phone

"Remote Control Systems" used by law enforcement to root your phone

by
in security on (#3PK)
This just in from the Reg, and it's not good: a massive botnet of 320 Command & Control servers placed in 40 countries, and being sold to law enforcement agencies to infiltrate and root cell phone systems.
The Milan-based firm that developed RCS boasts on its website that its malware can crack any mobile operating system and remain undetected while doing so. Based on documents leaked to Citizen Lab, the firm may be correct in its claims. ... Once a target is identified by cops or g-men the malware is sent out and installed, either by tricking the user with a spearphishing attack or by exploiting vulnerabilities in the target's operating system. ... Once on a target's mobile, the RCS software can intercept and record all phone calls, SMS messages, chat conversations from apps such as Viber, WhatsApp and Skype, grab any files or pictures on the handset, spy on the calendar, look up the user's location, and take screenshots whenever the operator specifies, as well as harvesting data from third-party applications like Facebook.
Looks like Android is more at risk here, but iOS can also be hacked, especially if it's been jailbroken. 'Scuze me while I go reinstall a landline and move into the basement with a tinfoil hat and a weapons cache :(
Reply 2 comments

Temp fix (Score: 2, Informative)

by Anonymous Coward on 2014-06-27 13:19 (#29N)

There's a list of IP ranges here at the bottom of the page. I'll be adding them to my hosts file.

not so scared (Score: 0)

by Anonymous Coward on 2014-06-27 22:51 (#29P)

Honestly these are scenarios i assumed when i chose an android, and when i decided later to root. Considering apple & google, i am sure there is quite the fair-share of exploitable holes and weaknesses that we won't hear about for a long time (accidental and intentional); and never doubt that Apple is willing to remote-install apps in your iphone with the right warrants or prodding :)