http://www.darkreading.com/vulnerability_management/security/privacy/showArticle.jhtml?articleID=225200320 By Tim Wilson DarkReading May 26, 2010 Cell phones and other handheld devices could become a great way to listen in on spoken conversations, researchers at George Mason University said this week. In a paper (PDF), researchers Ryan Farley and Xinyuan Wang describe several new plays on the concept of "microphone hijacking," which has been used for years. The idea is to put spyware on mobile devices -- including laptops, cell phones, and PDAs -- that can use their built-in microphones to eavesdrop on nearby conversations. In the past, this eavesdropping has usually been done via the victim's own cell phone or other device. But Farley and Wang describe a way to bug nearby devices belonging to nearby users to achieve similar results. Under the researchers' concept, called a "roving bugnet," the eavesdropper would use a piece of malware called a "bugbot" to listen in on in-person interactions via a nearby smartphone or laptop. Such attacks would be more likely to target specific people (such as an executive or a spouse) than as a broad attack, the researchers say. Farley and Wang conducted experiments on Windows XP and Mac OS laptops. The researchers directed their bugbot to join an Internet Relay Chat channel so they could remotely enable and disable each laptop's microphone, streaming real-time conversations nearby. The same thing, they said, could be done on almost any smartphone. [...] _______________________________________________ Best Selling Security Books and More! Shop InfoSec News http://www.shopinfosecnews.org/Received on Thu May 27 2010 - 01:21:05 PDT
This archive was generated by hypermail 2.2.0 : Thu May 27 2010 - 01:26:24 PDT