Mobile hacking: Prudence pays

Sangeet Toor

Cell phones are a form of computer and, like any other computer, these can get hacked too. The kind of information stored on this device is lucrative for the attacker. Imagine the number and the kind of applications in use on cell phones — banking, shopping, eating, travelling and whatnot. A hacker needs to do just one thing to steal all that is there on the phone — crawl in. He/she will get hold of credit card information, personal information, and the stored passwords. There are many ways one can get into a phone without letting the owner know.

Signs of malware 

It is very difficult to know if the phone has malware on it. The user must note small changes in the cell phone response to assess if it needs a clean up. Following are the few signs that a cell phone raises after the installation of malicious code:

• The battery is always low: The phone starts consuming battery very rapidly. The battery charge percentage keeps dropping even when the owner does not use it.
• The performance drops: The phone suddenly starts to operate very slowly. It takes ages to open applications.
• Data-guzzling machine: There is a sudden rise in the cell phone data usage. With usual cell phone usage, the owner can see that the daily data has been consumed.

How to get rid of the malware

Android phone

• First, put the phone in Safe Mode. This will disable any third-party application from the phone. If the phone runs smoothly after doing this, be assured that the malware is dormant.
• Next, go into the Settings, and uninstall the applications that are suspicious.
• If the Uninstall button is grey, it means the malicious application has given itself administrator rights. Go into the Security Settings and remove the administrator rights for the application and then uninstall it.
• In case, the application is not uninstalled, do the Factory Reset. But before doing that, backup the data in the phone.

iPhone

For Apple users, the good news is that not only are iOS malware rare, they also do not manifest themselves outside of the application. Update the applications on the cell phone whenever an update appears, most of the malicious code is simply removed by updating the app.

The phone is a wallet, or a small suitcase that contains sensitive, personal and invaluable information. It is physically possessed by the owner, but it can be broken into remotely. Follow the tips given above to avoid theft of your information.

Phone usage hygiene

• Do not use a public WiFi. If it is an absolute must to use one, do not access sensitive information on the phone while it is connected to the public WiFi.
• Update the phone regularly. Postponing the updates of the phone operating system and application is an open call to the attackers. 
• Download applications only from official platforms. The attackers can get past the security in trusted platforms, but the chances of downloading malicious application are much lower.
• Do not jailbreak or root the phone. Doing so bypasses the security mechanisms of the device.
• Check what you allow an application to access on your phone. Do not allow an application to use location or camera or other application when not in use. Be prudent in giving out access.

Attack vectors

Phishing email: A legitimate looking email is sent, which the owner opens on the phone. A malicious code is installed on the phone, which then steals data, and constantly sends it out to the attacker.

Insecure applications: The owner needs to download just one insecure application to loose it all. Even trusted sources like Google Play and Apple’s app store are not secure; there are instances where malicious applications get hosted on these trusted platforms. Some supposedly secure applications on these platforms are apparently insecure with multiple security holes.

Android phones: They hold 85 per cent of the world market share of cell phones and attackers have developed advanced threat tools to attack these phones. Although Apple iOS has weaknesses too, but the shear number of Android phones have made them more prone to attacks.