Eavesdropper Android app developed

Powered by SC Magazine
 

Proof-of-concept application siphons audio to remote servers.

Security researchers have built a lightweight Android application that remotely activates a phone's microphone to eavesdrop on conversations.

The proof-of-concept application downloads instructions from a remote server to begin recording conversations when a victim arrives at a specific location.

Attackers could potentially listen in on sensitive conversations by activating the rogue application at target GPS coordinates.

The application was developed by researchers at Sydney-based Sense of Security and will be launched at the AusCERT security event in Queensland next week.

"The aim was to show how easy and plausible it is to spy on an owner through mobile devices," co-founder Murray Goldsmidt told SC Magazine.

He said the Android application was composed of about 600 lines of code and could be ported to other mobile operating systems.

During field tests, the application had recorded around 30 seconds of audio at a specific location and siphoned the data to the company's servers.

The application could be installed on phones by drive-by-downloads or locally.

Goldschmidt will detail the application during his AusCERT Thursday presentation.

Copyright © SC Magazine, Australia


Eavesdropper Android app developed
 
 
 
Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
 
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
 
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  21%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 1068

Vote