Mobile phone trojan 'bugs' user conversations

An insidious piece of software classified by most security vendors as a trojan has been updated to include the bugging of a mobile user's e-mail, the tracking of a user's location and the ability to activate the phone's microphone.While its classification as a trojan is the subject of some debate, updates to the FlexiSPY application […]

An insidious piece of software classified by most security vendors as a trojan has been updated to include the bugging of a mobile user's e-mail, the tracking of a user's location and the ability to activate the phone's microphone.

While its classification as a trojan is the subject of some debate, updates to the FlexiSPY application are likely to cause serious concern to mobile users.

The software, once physically loaded onto any Symbian, Windows Mobile or Blackberry-based device, enables a remote user to monitor and control nearly all aspects of a mobile device.

It can record conversations and log all SMS and e-mail messages sent to and from the phone. It can also remotely turn on a phone's microphone to listen to a users surrounds (without a call even being made), and reveal the location of the mobile user.

"It will send this information upstream to your Web server where the owner of the application can then view everything you do," says Patrik Runald, senior security specialist for F-Secure. "They can even track you where you are -- which country you're in, which city you're in, and maybe even which area of the city you're in. It really keeps track of where you are anywhere in the world."

Graham Ingram, director at AusCERT said concerns about the "spyphone" software are well founded. The software, he says, essentially turns a mobile phone into a "listening device that can be controlled by a remote attacker".

"It's not the same as a PC being infected by a trojan," he said. "This is something of a level and scale far above in terms of the functionality it delivers to the bad guys."

The developers of the software, a Bangkok-based company called Vervata, claim that the application has some legitimate uses -- marketing it as a means for people to spy on their cheating spouses, or monitor the activity of their children.

But security vendors aren't convinced. F-Secure, Symantec and Kapersky Labs all classify the application as being either a virus, spyware or a trojan.

"If [the spying and remote control] is being hidden to the end user, the software is malicious," says Runald. "The user doesn't see anything at all. Even if you hold down the menu button to see if there's any running processes on a Symbian-based phone, you can’t see anything. It's totally hidden."

The updated version of FlexiSPY is the first bug that can threaten the privacy and security of the RIM Blackberry, a mobile device marketed to corporate users on the basis of its strong security.

Vervata claims that because the software needs to be installed by a human, and can be uninstalled by a user, it should not be classified as a virus or a trojan.

"It does NOT self replicate, it does NOT pretend to be something it is not, and it ALWAYS requires conscious human action for installation," says a message on the company's Web site.

"Like any other monitoring software there may be a possibility for misuse, but there is nothing inherent in FlexiSPY that makes it illegal or malicious," the company said.

Source:→ ZDNet Australia

Mobile Phone, Bugs, Trojan, Malwares