Since the dawn of the modern smartphone it has been apparent that they can be used to spy on someone. Reviewing cell phone GPS information can track the user’s movements. In addition, if you want to know who calls have been place to or received from a review of the phone’s call logs stores this information. But in 2009 a new wave of hacking and spying came around, the ability to view the phone's camera lens from a remote location. This was primarily done as a joke (albeit a cruel one) perpetrated by an unknown source. The perpetrator used a loophole in the phone's software to activate the camera and view a live feed of where the camera was pointing. This continued for several weeks and all of a sudden stopped without notice.
Now, however, this is being taken to a whole new level with smartphones. A security researcher has developed a type of non-volatile virus that is purposely placed on your phone. Once this “app” is installed, it then starts to record and transmit everything from physical location to audio and video of what is around the phone, it can even be set up to watch your browsing history or your texting (SMS) chats. This is being hailed as the first eavesdropping spyware of its kind.
Generally, the app would be delivered in the form of a legitimate application (such as Evernote, Facebook or WordsWithFriends) which is downloaded from a third-party source outside of the Google system. The hackers take this legitimate application, insert this extra app, put it all back together and no one is the wiser. It’s when this app is installed that a separate background process is started which installs this spyware.
Do not be too alarmed yet. This particular example was created by a reputable firm that has solved many problems with hacking in its various forms over the years. But it does showcase how vulnerable a smartphone can be when apps are obtained from stores other than Google or Apple. It also emphasizes the need for proper protection using an anti-virus app and/or regular updates.
From a forensics standpoint, the new spyware may give us a clue about what has been taken and where it has gone by monitoring data traffic to and from the phone. This gives our investigators a starting point into determining damage, and if there is enough evidence to prosecute the hacker.
