Friday, October 4, 2013

A Charger Powers Your Smartphone, Sniffs for Malware

Kaprica’s malware-scanning charger does its job without actually residing on your phone.


At the annual Black Hat security conference this summer, researchers demonstrated how it would be possible to add malware to an iPhone by connecting it to a modified charger. Now a mobile security startup is attempting to do the opposite, by selling a charger that can scan your smartphone for malware—and repair it, if necessary—while powering it up.

There are already plenty of mobile security apps on the market from companies like Lookout Mobile and TrustGo. Yet Kaprica Security believes that because its Skorpion charger is physically separate from your smartphone, it is better suited to spot the kind of malware that can sit silently on the device, stealing files or login information like your bank or credit card username and password, from which a hacker may be able to profit while remaining undetected.

Kaprica cofounder and CEO Doug Britton says the Skorpion charger analyzes your phone’s operating system files without relying on the phone’s operating system, memory, or processor to tell it the truth about whether or not it has been compromised. He says this means the device is not vulnerable to malware that may fool virus scanners by hiding out on the phone and intercepting legitimate scan results, telling the scanner that everything on the phone is okay, when the results would otherwise point out a security breach.

Though still a tiny problem compared to computer malware overall, mobile malware is on the rise, and the vast majority of it is popping up on Android smartphones. In its August report, McAfee Labs said it collected nearly as many mobile malware samples in the first half of this year—over 17,000 in the second quarter alone—as it did during the entirety of 2012. Most of these new malware specimens encountered were so-called “backdoor Trojans” that secretly steal a user’s information, as well as malware that captures bank login details.

Britton, who previously worked at defense contractor Lockheed Martin as a research and development manager specializing in security, says it’s hard to know how often these kinds of silent attacks are happening on smartphones, but that data suggests attack patterns used on PCs are being used on smartphones as well.
In hopes of thwarting this shift, Kaprica plans to start selling the Skorpion charger late this year or early next year to enterprise customers for around $65, with a monthly subscription fee of $3 or $4 for features like updates and alerts. The charger will be co-branded with consumer electronics and accessory maker Belkin, which is manufacturing the device.

The Skorpion charger can be made to work with any smartphone operating system, but Kaprica does need to work with smartphone makers to ensure the Skorpion charger can work with their handsets. Britton won’t get specific about what phones it will be compatible with early on, but says its technology is most developed for Android so far and that the Reston, Virginia-based company plans to launch with a handset maker that already makes both Android and Windows smartphones.

For the user, the charger is simple: plug it into the wall, and plug the phone into the charger. The charger then conducts a quick preliminary scan of the phone; if all is in order, it shows a green light.

If you leave the phone plugged into the charger, it will reboot at a time you’ve preconfigured—3 a.m., for instance—and start a more thorough process that sends the phone’s operating-system files to the charger for an analysis that takes about four minutes.

Britton says that since the analysis is done locally, the charger doesn’t need a Wi-Fi or data network connection. The phone’s wireless connection is used, however, for downloading updates to the Skorpion charger and for sharing scan results with, say, your company’s IT department.

If a problem is detected, the charger will alert you with a red light, and—depending on the user’s preferences—the charger can automatically repair the phone by using a previous “good” version of the operating system it has already stored.

Britton says that even if the charger itself is compromised, it cannot add new applications or code to the phone.

Xuxian Jiang, an associate professor of computer science at North Carolina State University who researches mobile malware,  says the charger takes an interesting approach to mobile security but may be limited if it does not scan the phone while you’re using it, since actions like answering a call can transmit malware. He’s also concerned that the security updates the charger receives via the phone and its wireless network access could possibly be intercepted, thereby compromising its effectiveness, and suggests the Skorpion might be more effective if used with, say, a mobile security app.

When it comes to malware, “there’s no single bullet to all problems,” he says.

http://www.technologyreview.com/news/519651/a-charger-powers-your-smartphone-sniffs-for-malware/


No comments:

Post a Comment