Oh, lookie!
A so-called "researcher" has discovered an operator-approved TSR!
WOW! I am SO impressed!
Not.
A security researcher has developed a proof-of-concept malware capable of capturing the actions of users on touchscreen devices. Senior security consultant Neal Hindocha and his colleagues at Trustwave were able to brew up similar strains of prototype malicious code for both rooted Android and jailbroken iOS devices. The line …
Yes, if I'm not mistaken a CPU is sometimes referred to as a GPU because it is a General Processing Unit (the acronym has fallen out of fashion for referring to the CPU because it is ambiguous now GPU is so often used to refer to Graphics Processing Unit). Anyway the reason the acronym hung around so long despite this confusion in usage is because it is such an apt description for the brain of a computing device which can be driven in its calculation and output, entirely by software. Mr Hindocha seems to have come up with the novel idea software might be written to control this general computing device, the output of which is controlled entirely by software, and (let's wait for it again and savour the words, the notion embodies such genius) log the actions an operator has taken. Brilliant! Such an advanced notion of what a computer can do. Give the man a Nobel prize for science.
The keywords: rooted and jailbroken. This news is just as troublesome as knowing that if someone manages to gain root or administrator privileges on your operating system he or she can basically do anything they want.
Well, duh!
Come back when you manage to pull this off on an unmodified device which also operates fully stand alone. Or put differently: when you actually manage to provide a real-world demonstration.
quote: "What he's saying is the title should be "Put down that jailbroken iPad! Snoopware RECORDS your EVERY gesture, TAP on jailbroken iOS, normal Android"
*happily continues using normal iPad*"
Well, at least until some security researcher comes up with a proof of concept for a privilege escalation on iOS, possibly like the ones used for rooting the device in the first place.
As long as there are no privilege escalation exploits that malware authors can use to run their touchlogger as root, then your normal iPad will be fine :)
Good article and good find. Only, with some of the ludicrous permissions of apps these days, I feel that quite a few apps already grab enough data to paint a picture of end user daily activity. Hell, Google, Apple and the NSA aren't going to miss the opportunity to milk as much data as possible from users, so enters the infinite shades of grey.
There are three, and only three, ways that this can actually spread in the wild:
1. if someone gets a malware package containing something like this onto a computer (probably a Windows machine, but insufficient data) and the victim attaches an Android device. This fails if you don't have an Android device or if you have adequate security on your computer.
2. if someone gets a malware package containing the package onto an Android device which has been rooted. As 99+% of Android phones are not rooted, this is unlikely.
3. if someone gets a malware package containing the item onto an iOS device which has been jailbroken. The vast majority of iOS devices are not jailbroken.
This exploit doesn't seem to be particularly serious.