A new research finding has revealed that spread of certain types of malware could be triggered by specific lighting, music, vibrations or magnetic fields. Non-internet based mobile phone malware, the name given to it is a class of malware that can lay dormant for long under hostile conditions and get activated by non-internet based environmental factors under favorable environment.
Malware spread by sound, light and vibrations
The findings by researchers at the University of Alabama at Birmingham (UAB) have been published in a paper titled Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices. The paper examines how malware on mobile devices can be activated and controlled via sound, light, magnetic fields, and vibration.
Until now, traditional means of controlling malware relied on network-based channels, such as a TCP/IP based channel, easily detected and blocked by firewalls and antimalware products. The new method of malware spreading put forth by the UAB researchers have posed a new challenge for cyber security experts.
The report in its introduction states,
The mobile devices have become both “smart” as well as ubiquitous in the recent years. Today’s mobile devices, such as smart phones or tablets, are equipped with a multitude of sensors, enabling them to detect their location, and learn the characteristics of their users and the surrounding environment. These rich capabilities have enabled many interesting applications and immense possibilities for ordinary users. However, at the same time, they have opened up the door towards new generation of mobile malware that can exploit the on-board sensors for malicious purposes.
The team of researchers including Ragib Hasan, Nitesh Saxena, Tzipora Halevi, Shams Zawoad and Dustin Rinehart convinced others by building a proof-of-concept Android app to demonstrate their ideas.
The researchers placed their malware, designed to remain dormant until activated by certain signals, on an Android phone. They then activated the malware in a busy hallway using music coming from a source 55 feet away. They also successfully activated the malware using music videos, lighting from a television and also an overhead light, magnetic fields, and vibrations from a subwoofer.
Source – Symantec.