Music can trigger mobile malware: research
Researchers at the University of Alabama at Birmingham (UAB) showed that it is possible to trigger malware hidden in mobile devices using music, lighting, or vibration.
In a research paper titled “Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices”, the researchers reported that they triggered malware hidden in mobile devices using music from 17 metres away in a crowded hallway.
The researchers also successfully triggered malware using lighting from a TV or computer monitor, vibrations from a low frequency speaker, and magnetic fields.
“When you go to an arena or Starbucks, you don’t expect the music to have a hidden message, so this is a big paradigm shift because the public sees only e-mails and the Internet as vulnerable to malware attacks,” said Ragib Hasan, assistant professor of computer and information sciences and director of the SECRET computing lab.
“We devote a lot of our efforts towards securing traditional communication channels. But when bad guys use such hidden and unexpected methods to communicate, it is difficult if not impossible to detect that.”
Trigger malware using a light channel
The bandwidth used to trigger the malware was as low as five bits per second, significantly less than the typical bandwidth used by devices.
“This kind of attack is sophisticated and difficult to build, but it will become increasingly easier to accomplish in the future as technology improves,” said Shams Zawoad, a doctoral student who worked on the research.
“We need to create defenses before these attacks become widespread, so it is better that we find out these techniques first and stay one step ahead.”
Trigger malware using a magnetic channel
Trigger malware using an audio channel
Images courtesy of the University of Alabama at Birmingham’s Secret lab
More on mobile security
Beware cellphone cyber-crime in South Africa: Norton
Bad online passwords: are you guilty?
Loading ...