Malware
![]() (software) ![]() ![]() | |
---|---|
![]() One of many apps from the Google Play Store which secretly installed the Exodus spyware on its victims' phone. | |
Interest of | • HBGary • Dragos Ruiu • Security Without Borders |
Bad software, such as spyware or viruses |
Malware is an umbrella term for bad computer software. Colloquially, this may include software which just unwanted, or annoying ("scumware", "nagware", "bloatware", "shovelware" etc.) but the primary meaning is software which by design presents a threat to the user, such as computer viruses or spyware. Malware in generall is more associated with extortion of money and fraud, but it can be used by anyone with the technical capability for any purpose.
Contents
Pre-installed malware
In August 2019, Google warned that tens of millions Of Android smartphones come preloaded with malware, and that "if malware or security issues come as preinstalled apps, then the damage it can do is greater".[1] The problem with the presence of malware in the firmware dates back to early 2014.[2][3]
After a vulnerability was found in the Lenovo Solution Centre, Lenovo left it unfixed, but changed the software's end-of-life date to make it seem less important.[4]
Hardware backdoors by intelligence agencies
In 2014 it was revealed via Edward Snowden that the NSA routinely backdoors networking hardware exported from the USA.[5] Further, it stands to reason that some "bugs" in commercially available hardware are deliberate design flaws[6] or planned features[7] to give state actors speedy access to any system. The peculiar destruction of Laptops from The Guardian that held part of the Snowden archive, which was reported about by Privacy International in 2014,[8] showed that GCHQ targeted specific chips on the mainboard and related components, while it could have choosen to instead/or in addition shred the whole hardware to conceal this very specific action. Intelligence agency's, when they get initial access to a system through a browser,[9] may choose, depending on the capability and value of a target, to not write the data for their surveillance tools on the harddrive where it could more or less easily be found, but on these very chips whose firmware can likely be rewritten, as it is known to be the case with all USB components.[10] This would make it possible to bypass all security monitoring and measures initiated on the level of the operating system running on the device. It is not clear if the restitution by GCHQ, the way it was done, was deliberate to communicate this very fact, or by mistake.
Spyware
- Full article: Spyware
- Full article: Spyware
Spyware is created to exfiltrate users' data or facilitate surveillance of users. Its origins include criminal gangs, individuals, private companies[11] and intelligence agencies.
Viruses
- Full article:
Computer virus
- Full article:
Computer viruses may go beyond spying to have a payload intended to destroy data and/or hardware (for example, Stuxnet, intended to damage the Iranian centrifuges used to refine uranium).
Installation
"AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware".[12]
Examples
Page name | Description |
---|---|
Backdoor | A covert means of gaining unauthorised and/or unmonitored access to a computing system. |
Computer virus | |
Fysbis | A simple yet effective Linux Trojan. |
Pegasus (spyware) | Trojan/malware created by NSO group/Unit 8200, used worldwide. |
Ransomware | |
Spyware |
Related Quotation
Page | Quote | Author | Date |
---|---|---|---|
Backdoor | “Every year, we learn about some issue in WhatsApp that puts everything on their users' devices at risk. Which means it's almost certain that a new security flaw already exists there. Such issues are hardly incidental – they are planted backdoors. If one backdoor is discovered and has to be removed, another one is added” | Pavel Durov | 5 October 2022 |
Related Document
Title | Type | Publication date | Author(s) | Description |
---|---|---|---|---|
File:Operation-shady-rat.pdf | report | 2 August 2011 | Dmitri Alperovitch |
References
- ↑ https://www.forbes.com/sites/zakdoffman/2019/08/10/google-warning-tens-of-millions-of-android-phones-come-preloaded-with-dangerous-malware/
- ↑ https://securelist.com/caution-malware-pre-installed/59356/ saved at Archive.org saved at Archive.is
- ↑ https://public.gdatasoftware.com/Presse/Publikationen/Malware_Reports/G_DATA_MobileMWR_Q2_2015_EN.pdf saved at Archive.org
- ↑ https://www.theregister.co.uk/2019/08/23/lenovo_solution_centre_cve_2019_6177/
- ↑ http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden
- ↑ https://www.theverge.com/2017/9/12/16294904/bluetooth-hack-exploit-android-linux-blueborne saved at Archive.org and Archive.is
- ↑ https://www.synacktiv.com/ressources/TCP32764_backdoor_again.pdf saved at Archive.org
- ↑ http://archive.today/2014.05.22-200639/https://www.privacyinternational.org/blog/what-does-gchq-know-about-our-devices-that-we-dont
- ↑ https://medium.com/@nweaver/how-the-nsa-could-hack-almost-any-browser-1b5ab05ac74e saved at Archive.is
- ↑ https://www.wired.com/2014/07/usb-security/ saved at Archive.org saved at Archive.is
- ↑ For example, eSurv which created the Exodus spyware
- ↑ https://archive.fo/djFGd