Android Trojan captures credit card details (Spoken or typed)
02-01-2011, 10:47 PM
Written by: Gareth Halfacree


A team of security researchers has created a proof-of-concept Trojan for Android handsets that is capable of listening out for credit card numbers - typed or spoken - and relaying them back to the application's creator.

The team, comprised of Roman Schlegel from the City University of Hong Kong and Kehuan Zhang, Xiaoyong Zhou, Mehool Intwala, Apu Kapadia, and Xiao Feng Wang from the Indiana University Bloomington, call their creation 'Soundminer' - and its implications are far-reaching.

Software released for Android devices has to request permissions for each system function it accesses - with apps commonly requesting access to the network, phone call functionality, internal and external storage devices, and miscellaneous hardware functions such as the backlight, LED, or microphone. These requests are grouped into categories and presented to the user at the point of installation - helping to minimise the chance of a Trojan slipping by.

Soundminer takes a novel approach to these restrictions, by only requesting access to 'Phone calls,' to read phone state and identity, 'Your personal information,' to read contact data, and 'Hardware controls' to record audio - none of which will ring alarm bells if the app is marketed as a voice recording tool.

Once installed, however, Soundminer sits in the background and waits for a call to be placed - hence the access to the 'Phone calls' category. When triggered by a call, the application listens out for the user entering credit card information or a PIN and silently records the information, performing the necessary analysis to turn it from a sound recording into a number.

The software works for both spoken numbers, as requested by some voice-activated IVR systems and by human operators, and numbers typed into the virtual dialpad on the phone - recognising the DTMF tones and translating them back into numbers again.

As Soundminer doesn't have access to the 'Network communication' category, it's unable to transmit the data it captures - relying on a second app, called Deliverer, which exists purely to relay the data to the attacker.

Predicting that this kind of attack could take place, Google has made it difficult for two applications to transfer data to each other without the user knowing about it. Working around this, the team found that if they used Soundminer to modify hardware settings such as backlight timeout and ring volume, the Deliverer app could read those settings back without arousing suspicion - a covert back-channel that makes fooling the user significantly easier.

In the team's research paper (PDF), they suggest a defence mechanism against Soundminer: an intermediary layer that analyses input from the microphone before passing it to an application, able to detect credit card numbers and prevent their transmission to Soundminer-like Trojans.

The researchers are due to present their findings at next month's Network & Distributed System Security Symposium in San Diego, but if that's too far away - geographically or temporally - you can check out a video of Soundminer in action below.

It's been a bad day for Android, as earlier we reported on an exploit that turns a handset running the OS into a USB snooping device.



http://www.thinq.co.uk/2011/1/20/android-trojan-captures-credit-card-details/
“Everything Popular Is Wrong” - Oscar Wilde
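
The defence the article describes, a layer between the microphone and the app that spots card numbers before the audio is handed over, sketched as an added example; it is not code from the article or from the researchers' paper. It assumes 8 kHz float samples and covers only digits keyed as DTMF tones (not speech); the names `mediate` and `dial` and the sample inputs are constructed for illustration.

```python
import math
import re

RATE = 8000                          # assumed sample rate in Hz
LOW = (697, 770, 852, 941)           # DTMF row frequencies
HIGH = (1209, 1336, 1477, 1633)      # DTMF column frequencies
KEYS = ("123A", "456B", "789C", "*0#D")

def goertzel(frame, freq):
    """Power of one frequency in a frame (Goertzel algorithm)."""
    coeff = 2 * math.cos(2 * math.pi * freq / RATE)
    s1 = s2 = 0.0
    for x in frame:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def detect_key(frame, floor=1.0):
    """DTMF key sounding in this frame, or None when either band is silent."""
    lo = [goertzel(frame, f) for f in LOW]
    hi = [goertzel(frame, f) for f in HIGH]
    key = KEYS[lo.index(max(lo))][hi.index(max(hi))]
    return key if min(max(lo), max(hi)) >= floor else None

def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    doubled = [int(c) * (2 if i % 2 else 1) for i, c in enumerate(reversed(digits))]
    return sum(d - 9 if d > 9 else d for d in doubled) % 10 == 0

def mediate(samples, frame_len=320):
    """Return (audio handed to the app, keys heard); card audio is silenced."""
    keys, prev = [], None
    for i in range(0, len(samples) - frame_len + 1, frame_len):
        key = detect_key(samples[i:i + frame_len])
        if key is not None and key != prev:   # new key press after a gap
            keys.append(key)
        prev = key
    heard = "".join(keys)
    card = any(luhn_ok(run) for run in re.findall(r"\d{13,19}", heard))
    return ([0.0] * len(samples) if card else samples), heard

def dial(keys, n=640):
    """Constructed test input: n samples of tone, then n of silence, per key."""
    out = []
    for k in keys:
        row = next(r for r in range(4) if k in KEYS[r])
        pair = (LOW[row], HIGH[KEYS[row].index(k)])
        out += [0.25 * sum(math.sin(2 * math.pi * f * t / RATE) for f in pair) for t in range(n)]
        out += [0.0] * n
    return out
```

Passing `dial("4111111111111111")` (a widely used test card number) through `mediate` returns silence, while a ten-digit phone number passes through unchanged. A production filter would also need noise tolerance and the speech case the article mentions.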