Cyber criminals may have created first ‘zombie’ cellphone networkBy ANI
Saturday, July 18, 2009
LONDON - Experts have warned that hackers may have created a network of “zombie” cellphones, similar to a network of virus-infected personal computers, to send spam or carry out cyber attacks.
‘Botnets’ is the term that computer scientists use for such networks of computers.
While millons of machines worldwide are said to be secretly running botnet software, no has ever been discovered running on mobile devices to date.
However, security firm Symantec, headquartered in Cupertino, California, warns that a piece of software known as Sexy Space may be the first case.
The firm has revealed that the software uses text messages reading “A very sexy girl, Try it now!” to jump between phones.
Symantec experts say that the message contains a link that, upon being clicked, asks the user to download a software program.
Just in case the user installs the software, it sends the same message to contacts stored in his/her cellphone.
Although similar SMS viruses have been seen before, Sexy Space is unusual because it also communicates with a central server, and so can be controlled by the hackers who created it.
Zulfikar Ramzan, Symantec’s technical director of security response, says that it has yet to be determined as to how Sexy Space will use the connection to the central server.
“But this has all the makings of a mobile botnet,” New Scientist magazine quoted him as saying.
“As PC botnets go it’s unsophisticated. But it’s a new development in the world of mobile malware,” added Ben Feinstein of SecureWorks, a computer security firm based in Atlanta, Georgia.
The experts fear that infected mobile phones may also be misused to infiltrate computer networks.
This fear stems from the fact that in a demonstration last year, a team from Errata Security, also in Atlanta, used an iPhone sent to a company to spy on its IT infrastructure.
While sat in the firm’s mailroom the phone sent back information about the local wireless systems and computers. A criminal hacker could use the same technique to break into a company’s internal computer network, Errata’s researchers claim. (ANI)