Botnet Malware Hoax Gets 8000 iPhone And Android Users

Two researchers at TippingPoint’s Digital Vaccine Group have succeeded in bringing together approximately 8000 iPhone and Android users, into a bonnet experiment to demonstrate the distribution of malware.

Derek Brown and Daniel Tijerina discussed their experiment at the RSA Conference held in San Francisco last week: the main objective was to demonstrate how a weather application for smart phones behaves in a similar manner to traditional malware attacks, with the ability to steal information and allowing remote control of the devices.

WeatherFist is the name of the app created by Derek and Daniel. Do you know this app? You might be one of those 8000 users. The app was not distributed through official channels ( i.e Apple’s App Store ), instead they distributed the WeatherFist application via third party app markets like Cydia, SlideME and Modmyi, meaning that it could only be installed on jailbroken iPhones or Android devices where users had specifically given permission for non-approved applications to be run.

Basically the app makes a request to obtain your GPS coordinates and sends them to a server where they are converted into the corresponding Zip code. This data was sent to WeatherUnderground.com , from where the apps pulls the weather info for your area.

Ok, nothing unusual so far. Sure, but Derek and Daniel said they have created a malicious version of the same app called WeatherFistBadMonkey, able to gain control of remote devices and access sensitive information.

Oh snap, kid…. this is crazy. Yeah it is. Once again, this kind of attacks can only affect jailbroken users. To protect yourself against malware, change your SSH password. See tutorial here



LATEST ARTICLES



SUPPORT

We don't think that using an adblocker = piracy. That's simply not true. We use and recommend uBlock Origin.

However, as a small non-corporate website, we would appreciate it if you'd consider whitelisting FSM in your adblock of choice.

Alternatively, consider donating using the options below....

PayPal  
Monero (XMR) 43GnqUNJrTi9QyL7kEH8vM8pgWGCE6bjv1FSRipeNMM4TTeNnUVsRBb6MfMpQYxtLE7ReonxVVSXz2rFCEdW5H11LC3x73b
Bitcoin (BTC) 1Hfuq77gKKFJeNcq4EP4dQK3yDRWrFEwJR
Bitcoin Cash (BCH) qzmdm6e6q5wf2p6sxz2mst7cenz60newwc5m4e9js8
Ether (ETH) 0x5f02869278C24A6579d3820f52AD15936D6F9d69
Stellar (XLM) GDWT2QU2CI3GZ5XH5DTSU3IUAHZMTB6VQKKRHBYWS5YCCQOAG6OKG2OB
More content?  
Ads Blocker Image Powered by Code Help Pro

Congrats on using an adblocker. We mean it.

Please support us by disabling your AdBlocker or whitelist us.

Thank you! ❤️