Smartphone owner? There is no doubt that smartphones and tablets have become the preferred target of cybercriminals lately. Billions of smartphones were sold, so searching for security blanks and exploiting them has become a top priority for fraudsters.
IOS is no longer 100% safe, as the number of malware and cyber attacks targeting Apple's mobile platform has risen steadily in recent years.
From the first worm for iOS (the Ikee) discovered 2009, which just changed the wallpaper of the device with one of Rick Astley, the iOS platform has been targeted by many malware
.
IOS is no longer the safest choice in mobile technology
An Arxan Technology study showed that 87% of 100 top (paid) iOS apps have been cloned for malicious purposes, and distributed via unofficial channels.
Jailbroken devices are easier to tamper with and have been XNetwork's Xsser remote access Trojan (RAT). Security researchers from Lacoon Mobile Security they found it distributed through a Whatsapp message to Hong Kong demonstrators to steal personal data such as contacts, texts, or call logs.
But even non-jailbroken devices are no longer a guarantee of security. In 2014 a malicious one software με το όνομα Wirelurker ανακαλύφθηκε σε ένα store τρίτων για Mac εφαρμογές, το οποίο χτυπούσε τους υπολογιστές και περίμενε μέχρι να συνδεθεί μια συσκευή της Apple. Έτσι μπορούσε να την παραβιάσει και να υποκλέψει προσωπικές πληροφορίες.
Last year, his researchers FireEye ανακάλυψαν μια ευπάθεια στο iOS που επέτρεψε σε μια κακόβουλη εφαρμογή που υπογράφηκε με πιστοποιητικό κάποιας εταιρείας να αντικαταστήσει το αναγνωριστικό packet used to verify app updates. This defect was named Wirelurker.
The XAgent, is another malware that primarily affects iOS versions prior to 8,0, and has been used for cyber-spying. The goal of malware is to steal contacts, text messages, and geo-location information from targeted devices. It could also be used to start voice recording on the device.
Threats and attacks designed for the iOS platform may not be as widespread as those for Android, but they are sure to start increasing in frequency.
Meghan Kelly of security company Lookout says that "today, iOS malware is very similar to 2010 Android malware" and that the landscape of threats to Apple gadgets is almost the same as that observed for the mobile operating system Google five years ago.
Security researchers Bluebox have tested a series of nine different Android tablet tablets for children, and found that virtually all of them had different types of vulnerabilities.
It is important to note that these devices must comply with the Children's Online Privacy Protection Act (COPPA) which prevents tracking and data collection. In addition, they have special software to protect the child's account on the gadget so that it limits changes that are not approved by the guardian-administrator.
The study showed that more than 50% of the tablets had a backdoor that passed the security mechanisms and allowed the root of the device, which allows it to be completely controlled.
Except for two products, all had third-party stores pre-installed, increasing the risk of malware entering from the Internet since these stores do not carry out strict controls in the applications they have.
Another risk discovered by the researchers was that all tablets were sensitive to at least three important vulnerabilities (Futex, ObjectInputStream and BroadAnywhere) that could be used by a malicious user.
However, the biggest risk in the case of Android, as reported by Bluebox, discovered it in one smartphone Mi4 LTE manufactured by Xiaomi.
The researchers bought the device from a retailer in China and tested its security. The results were so incredible, the researchers believed they had been sold a fake device. As it turned out, the phone was real, but the software had been tampered with chain distribution.
The result was a device that included adware and malware and was run with a customized copy of Android vulnerable to Masterkey, FakeID, and Towelroot (Linux futex). In addition to this, the phone was rooted.
Xiaomi, of course, hastened to give explanations when Bluebox published the survey, saying the device was probably tainted by an unofficial retailer from their distribution chain.
All of the above shows that users should also take action to protect their data on portable devices
Everything has become more organized and malicious users seem to constantly invent new attacks that are hard to find by an average user.
An alternative for a secure Android is to directly replace the operating system with one that has been tested by an authorized and trusted source, such as images provided by Google or CyanogenMod.
With iOS, in addition to avoiding jailbreaking, users should avoid suspicious links or downloads of applications from unknown sources.
