Attacks and countermeasure in mobile hacking
Attacks & Countermeasure in Mobile Hacking – Voicemail
Voicemail is a mechanism for connecting a phone call to a recording device, saving the digitized file somewhere, and helpfully replaying that sound file during another call, usually when the mailbox owner calls in.
Anyone calling from the corresponding mobile phone number, without prompting for the voicemail password.
With such a setup, you can route calls and spoof caller ID numbers easily. This makes it trivial to access anyone’s voicemail as long as you know their mobile phone number.
Attacks & Countermeasure in Mobile Hacking – Rogue Mobile Device
Rogue devices are just plain malicious by nature. They exist for the sole purpose of stealing sensitive information like credit card numbers, passwords, and more. They harm your network and, in the process, can harm your company's / organisation’s / institution’s reputation.
Rogue devices can be wireless access points (sometimes referred to as rogue APs) or end-user computers (rogue peers). If left connected, either type of rogue device can pose a security threat.
A sniffer is an eavesdropper that passively sits on the network and stealthily inspects traffic. Sniffers can be maliciously used for the reconnaissance of valuable data.
There are multiple ways rogue devices can connect to your network, including:
Employee-owned devices
Third-party vendors
Shadow IT
Lack of device visibility
For rogue network device detection, a network must have at least three things:
Periodic scanning
Continuous monitoring
Immediate alerting
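The three requirements above can be tied together in one loop: each periodic scan is compared with an inventory of authorised devices, state is kept between scans, and an alert is raised the first time something unknown appears. The sketch below is an added example, not part of the original diagram; the inventory, MAC addresses, scan snapshots and alert names are all constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed inventory of authorised devices (MAC -> owner label).
AUTHORISED = {
    "00:11:22:33:44:55": "office-ap-1",
    "00:11:22:33:44:66": "laptop-finance-07",
}

# Constructed scan snapshots in "ip mac" form, as a periodic ARP sweep might yield.
SCANS = [
    ("09:00", "10.0.0.1 00:11:22:33:44:55\n10.0.0.20 00:11:22:33:44:66\n"),
    ("09:05", "10.0.0.1 00:11:22:33:44:55\n10.0.0.20 00:11:22:33:44:66\n"
              "10.0.0.99 DE:AD:BE:EF:00:01\n"),
    ("09:10", "10.0.0.1 00:11:22:33:44:55\n10.0.0.99 de:ad:be:ef:00:01\n"
              "10.0.0.1 02:00:00:AA:BB:CC\n"),
]

def parse_scan(text):
    """Return a list of (ip, mac) pairs with MACs normalised to lower case."""
    pairs = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            pairs.append((parts[0], parts[1].lower()))
    return pairs

@dataclass
class RogueMonitor:
    authorised: dict
    alerted: set = field(default_factory=set)  # state kept between scans

    def process(self, when, text):
        """Compare one scan with the inventory; return only new alerts."""
        alerts, ip_owner = [], {}
        for ip, mac in parse_scan(text):
            if mac not in self.authorised and mac not in self.alerted:
                self.alerted.add(mac)
                alerts.append(f"{when} UNKNOWN_DEVICE {mac} at {ip}")
            # Two MACs answering for one IP suggests an impersonating device.
            if ip in ip_owner and ip_owner[ip] != mac:
                alerts.append(f"{when} IP_CONFLICT {ip} {ip_owner[ip]} vs {mac}")
            ip_owner.setdefault(ip, mac)
        return alerts

def run(scans=SCANS):
    monitor = RogueMonitor({m.lower(): o for m, o in AUTHORISED.items()})
    return [a for when, text in scans for a in monitor.process(when, text)]

if __name__ == "__main__":
    print("\n".join(run()))
```

The unknown device is reported once at 09:05 and not repeated at 09:10, while the second unknown MAC that claims the access point's IP produces both an unknown-device and a conflict alert.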
Attacks & Countermeasure in Mobile Hacking – Rogue Station
Until recently, carriers assumed that attackers lacked the skill to build a base station.
So the network required authentication from the phone, but the phone did not require authentication from the network.
A rogue station, then, is simply that: a base station that emulates a legitimate cellular network.
Attacks & Countermeasure in Mobile Hacking – Rogue Femtocell
A femtocell is a device you can purchase to boost mobile phone signal.
Previously, when we were learning about rogue base stations, we talked about fake base stations and how easy it is to set one up. For example, “OpenBTS” is software that can be used to make a fake base station.
Femtocells are even simpler.
A femtocell is a tiny box with connectors for antenna, power, and Ethernet connection.
It converts normal voice calls into real-time protocol streams, with the associated Session Initiation Protocol (SIP) setup.
Femtocells are able to receive raw secrets used to authenticate devices from carriers.
Mobile Phone Security & Forensics
Record IMEI number
Enable device locking
Use a PIN to lock SIM card
Use mobile tracking feature
Backup data regularly
Reset to factory settings
Mobile as USB
Mobile Device & Security Risk
Physical access
Mobile devices are small, portable and lightweight.
This makes them easy to steal or to simply leave behind.
Passwords or some sort of lock can be hacked.
Encrypted data can be broken as well.
This is especially bad when we keep corporate data on mobile devices.
Not to mention that people tend to keep passwords in mobile devices.
Our mobile devices hold access to corporate services such as e-mail and VPN.
Contrary to popular belief, resetting to factory settings does not completely wipe device storage.
Even formatted storage can be retrieved using forensic retrieval software, and if you’re curious, yes, such software is available to the public.
Malicious code
Mobile malware threats are typically socially engineered.
They focus on tricking users into accepting whatever the hacker is selling.
This includes spam, suspicious links on social networking sites and rogue applications.
Mobile ads are increasingly being used as part of many attacks (malvertising).
Device attacks
Similar to PC attacks of the past (browser based, buffer overflow exploitations, etc.)
SMS and MMS will be the medium used by hackers to perform these attacks.
Designed to either gain control of the device to access data or to attempt a Distributed Denial of Service (DDoS).
Communication interception
Wi-Fi-enabled phones are susceptible to the same attacks as other Wi-Fi-enabled devices.
Google Android Security Model
The Android security model is primarily based on a sandbox and permission mechanism. Each application runs in its own Dalvik virtual machine with a unique user ID assigned to it, which means the application code runs in isolation from the code of all other applications. As a consequence, one application is not granted access to other applications’ files.
Each Android application is signed with a certificate whose private key is held by the application's owner. This allows the author of the application to be identified if needed.
It is mandatory for an application to list all the resources it will access at installation time. The permissions an application requires are granted during the installation process either through user interaction or based on a check of the application's signature.
Permissions are divided into several protection levels. The protection level affects whether runtime permission requests are required. There are three protection levels that affect third-party apps: normal, signature, and dangerous permissions.
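The protection levels become concrete when a manifest is reviewed before an app is allowed onto managed devices. The following audit is an added example, not part of the original diagram: it groups the permissions an app requests by level and, going slightly beyond the text, also lists custom permissions the app declares without a protection level, which default to normal. The app com.example.notes, its manifest and the short platform table are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Protection levels of a few platform permissions (small subset for illustration).
PLATFORM_LEVELS = {
    "android.permission.INTERNET": "normal",
    "android.permission.ACCESS_NETWORK_STATE": "normal",
    "android.permission.READ_CONTACTS": "dangerous",
    "android.permission.CAMERA": "dangerous",
    "android.permission.READ_SMS": "dangerous",
}

# Constructed manifest for a hypothetical app, com.example.notes.
MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <permission android:name="com.example.notes.SYNC"
      android:protectionLevel="signature"/>
  <permission android:name="com.example.notes.EXPORT"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="com.example.notes.SYNC"/>
  <uses-permission android:name="com.vendor.UNKNOWN"/>
</manifest>"""

def audit(manifest_xml):
    """Group requested permissions by protection level; list weak custom ones."""
    root = ET.fromstring(manifest_xml)
    declared = {}
    for p in root.iter("permission"):
        # An omitted protectionLevel defaults to "normal"; flags follow a "|".
        level = p.get(ANDROID + "protectionLevel", "normal").split("|")[0]
        declared[p.get(ANDROID + "name")] = level
    report = {"normal": [], "signature": [], "dangerous": [], "unknown": []}
    for use in root.iter("uses-permission"):
        name = use.get(ANDROID + "name")
        level = declared.get(name) or PLATFORM_LEVELS.get(name, "unknown")
        report.setdefault(level, []).append(name)
    # Custom permissions left at "normal" are granted to any app that asks.
    weak = sorted(n for n, lvl in declared.items() if lvl == "normal")
    return report, weak

if __name__ == "__main__":
    report, weak = audit(MANIFEST)
    print(report)
    print("custom permissions at normal level:", weak)
```

Permissions in the dangerous group are the ones that need a runtime request, and anything in the unknown group should be looked up before the app is approved.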
iOS Security Model
iOS Secure boot chain
When an iOS device is turned on, it immediately executes code from the Boot ROM, a read-only memory known as the hardware root of trust. This code is laid down during chip fabrication and is implicitly trusted.
The Boot ROM also contains the Apple root certificate with its public key and uses it to verify that the Low-Level Bootloader (LLB) is properly signed and has not been tampered with before loading it. The LLB verifies iBoot, and iBoot verifies the iOS kernel before starting it.
Windows Phone Security Model
Successor to Windows Mobile
Part of Windows CE family
Primarily aimed at consumer market
Security Architecture is divided into four sections
Chambers
Capabilities
Sandbox
Application Deployment