Systems for hacking mobile devices take advantage of known vulnerabilities of iOS and Android operating systems and commercial apps too. In some cases these vulnerabilities are unknown for the operating system developers themselves. They are detected by highly qualified independent technicians who prefer to sell their knowledge to companies that pay them up to USD 2.5M, instead of communicating it altruistically, or for a small compensation.
There are many hacking tools available, and the most sophisticated ones leave no trace after the attack, so as not to give clues of what vulnerability they have used, and therefore keep on using it. That is the reason why it is so difficult to work out where they come from and to design specific preventive systems.
After the attack, the FTI consulting company made a forensic report in which they indicated that it was an APT (Advanced Persistent Threat) the one used to hack Jeff Bezos’ iPhone. These types of attacks, instead of causing direct damage, are intended to steal information. One of its premises is to remain as long as possible without being detected to access as much information as possible. The conclusions of the FTI Consulting report come from the analysis of the outgoing traffic of the device, which increased disproportionately after the opening of the famous video sent by WhatsApp to Jeff Bezos’ iPhone.
While it is technically very complex to deal with such attacks, it is possible to prevent and defend yourself against them. Samoby analyzes the incoming and outgoing traffic on the same device, without the need to refer it to third-party servers. Behavior and activity of installed apps, and up to 120 parameters are analyzed too in real time. With this information Samoby can detect suspicious patterns and act immediately by blocking the connections of the smartphone as a whole or just specific apps, and sending automatic alerts to the user and the people in charge of the security of your company in corporate environments.
Is widely believed, but far from reality, that these attacks are isolated and directed only against people in representative positions like Jeff Bezos. There are several mass campaigns like “iOS exploit chains” for iPhone, and “Operation Sheep“, hitting up to 110M of Android devices, that have been harvesting users’ contact information without their consent.
During the time it takes you to read this post, your Smartphone will have connected to multiple remote servers and transmitted a lot of information without your awareness. In most cases such traffic is not malicious and is usual and normal in installed apps, but Samoby can detect suspicious patterns and act accordingly.
If you require further information about privacy and security risks and how to prevent them with Samoby, please contact us.