Cell phone Spyware – Super Scary
Just in time for Halloween (ok, a few days late).. Super Scary details that can be obtained from some of these spyware software applications that install discretely on smart phones. Investigating in to a potential security breech, it was a huge eye opener to discover that these applications silently gather a multitude of information off of the smart phone and upload them to a remote server for viewing at a later date by the offending party.
It should be noted that this type of software is falls under federal wire-tapping regulations and, for civilians, it carries a felony charge regardless of the relation to the individual being tapped.
The belief was that the iPhone, due to the regulation and control of the OS and applications, was immune. However, it, as can be seen a href=http://www.squidoo.com/iphonespyhere/a, it is just as vulnerable as all of the other phones out there. These software packages have the ability to grab all SMS, MMS, e-mail, and more, all in the background, regardless if they have been deleted or not. They use the GPS to track the movements of the phone, and upload that information to a remote server where the individual who is monitoring the phone gets all of this displayed on a highly detailed map.
While these software packages are sold under the guise of exposing a spouse, the issue not covered is the raw data on the phone. Aside from a wire-tap violation, many smart phone users have access to company proprietary information (HIPAA, PHI, etc) that is not meant for the wilds of the internet. Once that information is captured and sent off to some remote server, no one knows what is being done with that data.
The real question is: how to detect this kind of software on work issued phones or personal phones with work related access. Users are the weak point in the security chain. User education is perhaps more important now than before as cellular phones penetrate further in to the work place.
Recovery is performed by updating, specifically on the iPhone, to the latest iOS. All of those packages rely on a jailbroken phone, and the Apple iOS is obviously not jailbroken out of the box.