Wednesday, June 18, 2014

Spyware in a New Phone, from China

Stephan Dorner has an interesting story in today's Wall Street Journal about malware found in a phone manufactured in China.  See:  Spyware Detected in Phone, The Wall Street Journal, 18 June 2014
http://online.wsj.com/news/articles/SB20001424052702303384304579630700003634772?mg=reno64-wsj

The phone is the Star 9500, made by a company called Tianxing.  The malware is called Usupay.d; it was originally discovered by Kaspersky Labs in 2013, and was found in the phone by G Data, a German cybersecurity company.  It is embedded in the firmware of the phone, making it hard to get rid of without a firmware update.  The server for the phone version was in China, which we might expect with a phone made there.

There are two main things to consider about this kind of trojan, which sends back location information and gives other parties access to the phone:  (1) it may not have been installed on purpose, and (2) it may be an indication of something even more interesting than just the detection of it.

The Chinese are notorious for stealing almost everything, and it should not surprise anyone that they might have been stealing software that was already infected with this trojan.  They can say it wasn't installed by them, it wasn't done as a part of their commercial operations that manufactured the phone, or they can say it was done after the phone was manufactured.  Commercial operations that are discovered putting hacking software into their commercial products will not live very long in the marketplace.  Even Chinese companies know this, and I would guess they didn't do it on purpose.  They are probably scrambling around like fools trying to find out where this came from and how they can get rid of it.   
This has happened before.  If you want to read a spooky account, see last year's Ars Technica story by Dan Goodin describing an attack against their software used to discover attack vectors for software.  Firmware attacks are hard to discover and get rid of.  They can end up in commercial products when the machines being used to build a product are already infected.  It doesn't say much for the builder of the product, except "sloppy and unprofessional".
http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

The second aspect is, I suspect, justice for the people the Chinese steal things from.  Anyone who doesn't use commercial standards for product development deserves what they get.