How hackers can use your smartphone and how to stop them

Written by on June 1, 2015 in Guest Blog with 1 Comment

PrintIt seems like only yesterday cell phones were the size of briefcases and had an antenna that rolled out like a telescope! But things have changed quickly, and phones are getting smarter with each new device that’s released. Perhaps too smart? Your phone might be the perfect personal assistant, but it can also double as the perfect spy should the wrong person get into it. Here are 13 sinister hacks that could turn your smartphone into your own worst enemy.

1.  iPhone or iSpy?

MSpy is an App that anyone can install on your phone. All they need is physical access to it. Legally, surveillance apps require the surveilled to be informed that their smartphone is tapped. That doesn’t stop MSpy from advertising itself as “100% undetectable.”

So what can MSpy do? Track all ingoing/outgoing calls with a duration and timestamp. Snoop through texts, photos and emails. Monitor internet use. Control apps and programs. Anything else? Yup, it can also track your GPS location at all times. Should a possessive partner tap your phone, there’s no timeframe on how long they could keep an eye on you – even after the relationship has ended. The App has already caused uproar with the media dubbing it ‘the stalking app.’

Security tip: Use a strong password on your personal devices. Try to use 10 characters and a mix of numbers, special characters, and upper and lower case letters. Experts recommend to use your passwords like a toothbrush: don’t let anyone else use it, and change it every six months.

2.  The Tilt Sensor On Your Phone Can Hear You Type

Wait, what? A research team at the Georgia Institute of Technology found that any phone newer than the iPhone 4 has a sophisticated ‘accelerometer.’ This is nerd speak for a tilt sensor. The sensor is so advanced that should you leave your cell on your desk, it can read the vibrations from your keyboard and detect what you’re typing with 80% accuracy. Should anyone hack your phone, they can essentially read anything you type including passwords, sensitive data and emails. Yikes.

Security Tip: The researchers discovered that the most effective range is three inches from your keyboard, so perhaps keep your cell stashed in your bag.

3.  Your Credit Card Can Be Stolen Without Leaving Your Wallet

PayWave. Zip. ExpressPay. PayPass. These are some of the names of ‘contactless’ cards, and if you own one you should be extra vigilant. These cards are fitted with a Radio Frequency Identification Chip (RFID) and the idea was to simplify purchases. While retail transactions may be a little easier, so is stealing your money. Some modern smartphones are equipped with Near Field Communications (NFC) which means they can read and transmit RFID data easily. With the right malware, a hacker can access your phone and scan your pocket for the RFID enabled credit card. They can then take this data, and use a magnetizing device to upload the stolen credit card data onto a blank card. Your credit card has just been cloned, without even leaving your pocket. A hacked smartphone can read an RFID chip through your pants or even a leather wallet!

Security Tip: There are a wide range of RFID blocking security wallets available on the market, keeping out any would-be digital pickpockets.

4.  Home Invasion, Via Your Smartphone

Smart homes are becoming more common in the modern real estate market. For those out of the loop, smart home technology is also referred to as ‘The Internet of Things’ – or IOT for short. Standard household items such as appliances, electricity, security systems and lighting can now be wired into the Internet and controlled via our phones. In theory we can program our home to save energy while we’re on vacation, or turn on the lights and make coffee when we wake up. Like any device connected to the Internet, smart homes are vulnerable to attacks. According to Gary Davis, Chief Consumer Security Evangelist for McAfee –  it’s your mobile device that’s the most vulnerable access point for a home invading hacker. Through your smartphone, they can potentially turn off the lights, disable the security system, and unlock the front door, at any time. Home invasion has never been so scary.

Security Tip: Radek Tadajewski CEO of Oort, a smart home tech startup recommends that you should use devices with 128 bit encryption or higher, making them less likely to be compromised by cyber thieves. Users should ensure all of their connected devices are also password protected.

5.  Beware Of Juice Jackers

Although juice jacking sounds like a weird Californian diet, it’s actually a hacking method that targets those running low on battery. Ever come across a free charging station? They’re popping up everywhere, from airports to shopping malls. However these ‘free charging stations’ may not be the lifesaver you think they are. They can be trojan horses for malware. As soon as you plug in your phone, you essentially give a hacker open access to your smartphone and the freedom to infect your device. Researchers from BlackHat – a leading cybersecurity conference – estimates that your phone can be compromised within one minute of being plugged in to a malicious charger.

Security Tip: Don’t use public charging stations! Invest in a portable battery, so if you should run out of juice, you won’t get jacked!

6.  Smartphone Piggybacking

Have you ever set up your cell as a personal WiFi hotspot? Watch out! Hackers (and anybody unless you password protect) can piggyback off an open wifi signal. Cyber criminals are always looking for an open network, so they can download and distribute illegal materials. When the cops trace the source of the illegal activity, they’ll come looking for you.

Security Tip: Whether on your phone or at home, always password protect your WiFi.

7.  Flashlight Apps Torch Your Privacy

Have you downloaded a Flashlight App? Delete it! Researchers found that the top 10 flashlight apps on the Google Play store are all spying on their users! The application size of a flashlight app should be 72k, whereas these apps range from 1.2 to 5 megabytes! So why are these apps 10-50 times larger than they should be? They’re spying on you. If you haven’t read the privacy policy of the app you’ve downloaded (and let’s face it, most of us haven’t) you probably aren’t aware of what these free flashlight apps can do. For instance: read your contact lists, write programs, access photos, or snoop into your mobile banking information. In fact, these apps are so intrusive, leading cybersecurity firm SnoopWall considers ALL of them to be well crafted malware.

Security Tip: If you have downloaded one of these apps, delete them at once. Consider changing your banking passwords if you’ve used mobile banking along with the flashlight app.

8.  Tech-Savvy Snoops Can Record Your Conversation – Without Using Your Microphone

How does a hacker turn on your microphone? The answer might not be what you expect. Every smartphone is fitted with a gyroscope, which is a sensor used to monitor the smartphone’s orientation. This is how you can play games like Doodle Jump or Angry Birds. Researchers from Stanford University have found a way to use the sensors of the gyroscope to detect sound waves. Essentially turning it into a microphone. Unlike malware apps which gain permission to switch on the mic, hackers can access the gyroscope easily, and avoid detection altogether.

Security Tip: Google is aware of the research on gyroscope hacks and is working on countermeasures to protect users. In the mean time, minimize your chances of being hacked by ensuring that your Bluetooth is disabled, preventing roaming hackers from discovering you on their network. If you use an iPhone, don’t jailbreak it. It’s much easier for hackers to gain access to a jailbroken phone.

9.  The Third Eye You Don’t Want

For hackers, accessing your camera and taking secret snaps is not difficult. Android security settings specify that a preview must be shown on screen after a photograph is taken. Hackers bypass this by making the preview size 1 pixel; all but invisible to the human eye. The hackers can then send the photograph anywhere in the world. The recent phone hacking scandal involving celebrities such as Jennifer Lawrence and Kate Upton, showed that iCloud storage is an easy target for cyber snoops.

Security Tip: If somebody really wants to hack into your phone and has the resources to do so, they probably will. If you’re doing anything you don’t want the world to see, keep that phone in a drawer. Don’t store any sensitive images on the cloud, or better yet, don’t take them in the first place.

10.  Military Malware Can Reconstruct Your Home Or Office In 3D

Remember the radar system Batman had at his disposal in The Dark Knight Rises? Turns out it’s more fact than fiction. PlaceRaider is the name of the prototype app, and it works by covertly taking hundreds of photographs through your smartphone, simultaneously recording the time, location and orientation of the phone. Once it has enough images, it then allows for a malicious user to reconstruct the victim’s environment in 3D. This gives a hacker enough data to scan a private residence for items of value. They may also be able to also locate hidden vaults and panic rooms.

Luckily the app belongs to the military and won’t be in the Apple store anytime soon.

Security Tip: The EyePatch was initially designed to protect your smartphone camera lens from scratches or nicks. But should you be worried about anyone gaining control of your camera – simply cover the lens with this phone cover. Pretty simple, huh?

11.  Think Twice Before Hooking Up Your Baby Monitor To Your Smartphone

It might seem like a good idea to link your baby monitor to your smartphone. Two pairs of eyes are better than one, right? Well, kinda. But these probably aren’t the eyes you were hoping for. Baby monitors have been in the news recently after a tech savvy cretin successfully hacked it and verbally abused the terrified family through the baby monitor. Which is as creepy as the fact that hackers have the ability spy on you and your family whenever they please. As smartphones are perhaps most vulnerable to attacks, it’s another access point into your home.

Security Tip: As with all internet connected devices, use heavy encryption and password protect everything. Perhaps just avoid using your baby monitor through your smartphone altogether.

12.  Zombie Virus – via ‘Free’ Wifi

We’ve already discovered how hackers can piggyback off your Wifi hotspot to transmit illegal data – but they can also set up their own WiFi booby traps. A hacker can clone the name and characteristics of an innocent sounding public network, for example ‘Starbucks.’ Once your phone automatically connects to the signal, your device is wide open to attacks. The hacker can gain control of your operating system, and spam everybody in your address book with malware. With one accidental click, the recipient is then in turn infected and their address book is targeted. This is how damaging viruses can spread very quickly.

Security Tip: Never connect to public WiFi, unless you’re absolutely sure that it’s secure.

13.  The Future of Hacking

Researchers at M.I.T hacked into a FitBit via an Android smartphone to explore its vulnerability. Should anyone be able to get inside your smartphone, it would be relatively easy for them to uncover your ‘live data’ – such as your vital statistics, BMI or even whether you’re asleep or awake. Um, no thanks? But hacking into wearable devices could only be the beginning as technology continues to advance.

A new trend in body modification has been springing up in tattoo parlors across the nation. They call themselves biohackers, cyborgs and grinders. People who use computer chips as part of their body modification. It’s a niche market, but biohacking enthusiasts can insert magnetic chips into their bodies to connect to their smartphones. The government is even working on a chip that when inserted into the human brain can potentially restore memory. It’s long been hypothesized about how easily a malicious hacker could find a way to hack into medical devices such as pacemakers and bionic limbs. As we continue to merge with new technology, there’s no telling what hackers of tomorrow might be able to do.

Security Tip: As new technology emerges, so will countersecurity measures. The best we can do is understand how easily we can be accessed through our connected devices, and take appropriate precautions.

This article was first published on DialedIn.

Tags: ,

About the Author

About the Author: Amy Lane is a blogger and writer based out of San Diego, California. Her interest in tech and security stems from a background in digital studies and cyberpsychology. Currently she works as a writer for Dialed In. Follow her on twitter @amyroselane .


If you enjoyed this article, subscribe now to receive more just like it.

Subscribe via RSS Feed

1 Reader Comment

Trackback URL Comments RSS Feed

  1. Veronica says:

    What an eye opener! I am never at the front of the queue for new phones and am often the butt of the joke re how old my phone is. I know old doesn’t make it foolproof but reading this it does make me feel a tad more secure. Phew!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.