Jul 30 2012

So far, SMS spam has been a specialty of Austria and Germany – however, it looks like the spammers are now starting to hit the UK.

Dynamoo brings us the following text:

Hi, we think you may be entitled to compensation of up to £3500 from missold PPI on a credit card or loan.
Reply PPI for more info
Reply STOP to opt out

As of this writing, it is not known how they monetize the “victims”.

Hit the link above to find out how to report it to your carrier – of course, there is always the delete key.

Jul 11 2012

Even though Adobe’s AIR and Flash products are compiled, it is relatively easy to decompile the results back to source code.

So far, embedding binary SWF files helped to some extent. This is now, however, over:

* New version is able to decompile SWF files embedded into a SWF file as binary data (nested SWF files)

Just in case anyone wants to know who the firm is:

Through the years, Flash Decompiler Trillix received numerous raving reviews and comments and multiple awards from software catalogues. Recently, Eltima Software released Flash Decompiler Trillix 5.3 for Mac with the ability to decompile nested SWF files, Adobe AIR applications, and with support for Adobe Flash Professional CS 6 and TLF texts. Since version 5.3 Flash Decompiler Trillix supports Mac OS X 10.8.

Not much to add here – consider Flash code to be as visible as JavaScript…

Mar 28 2012

When looking at the recent flurry of media reports about apps stealing more or less “useless” data about random individuals, I sometimes wondered if we are looking at a redux of “internet addiction”. After all, the data of a random user sitting in a random country, well, you get the idea…

I have now found the following in my inbox. To save you the reading effort, it is from a company which offers me a list of Android users to spam at will:


Greetings of the day, I was reviewing your website and thought might be interested in our Android Users database, by which you can expand your reach and widen your client base. We maintain 1.2 Million contacts with complete information.

We have an exclusive database of verified contacts by Industry, Job Titles and Geography…

Data Quality and Details:

Data Fields: Contact Name, Company name, Job Title, Website, Industry, SIC Code, Email address, Direct mail address, Telephone number, Revenue Size, Employee Size, etc.

Last date of data update: 24th Feb 2012

Acceptance rate: 100% permission based contacts

Usage License: Once you purchase the list you can use it for multiple times, no restrictions

Multi-Channel Marketing: The list can be used for Email Marketing, Direct Mail Marketing, Fax Marketing and Tele Marketing

Accuracy Guarantee: 90% accuracy on data

Legal Compliance: WE are in compliance with the CAN SPAM Act, 2003 and DMA

Please let me know your thoughts towards procuring or using our Android Users Email List.

To Your Success!

Urp Burp

Business Development Coordinator

Any other “innovative” ideas for snooped data, anyone?

Oct 10 2011

Mobile security has been a topic ever since this network was opened – so far, no really large breakout has taken place.

Canalys has now released the following press release – as always, highlighting was added by yours truly:

Canalys today announced its updated worldwide mobile security forecast, estimating an average investment growth of 44.2% per year, reaching $759.8 million by the end of 2011 and turning into a $3 billion market opportunity in 2015.[1]

According to Canalys figures, only 4% of smart phones and pads shipped in 2010 had some form of mobile security downloaded and installed, highlighting a low end-user awareness level and the relative infancy of the market. Mobile security uptake is anticipated to rise rapidly over the next four years, as enterprises conform more strictly to data protection and compliance practices, and consumers begin to understand the impending security threat to their personal data. Canalys forecasts that by 2015 over 20% of smart phones and pads will have mobile security software installed.

Not much to add here…

Nov 12 2010

Two years ago, nobody cared about mobile malware. OK, there were a few small outbreaks – but nothing which made its owners money.

InformationWeek now reports the following:

More than 1 million cell phone users in China have been infected with a virus that automatically sends text messages, and the attack is costing users a combined 2 million yuan ($300,000 U.S.) per day.

According to Shanghai Daily, “the ‘zombie’ virus, hidden in a bogus antivirus application, can send the phone user’s SIM card information to hackers, who then remotely control the phone to send URL links.”

As this product relies purely on social engineering or idiocy, I would not consider it a virus – let’s see when this is combined with an exploit for maximum damage and automatic spreading…

Oct 23 2010

Traditionally, mobile networks were relatively safe places. The low CPU power of mobile devices made using them for botnet attacks impractical – that is, until tethering and 3G dongles came along.

Mobile Business Briefing now reports the following:

Content delivery platform company Akamai said that “more than half of the observed mobile attack traffic” recorded by its servers originated from three countries: Italy (25 percent), Brazil (18 percent) and Chile (7.5 percent).

Given that mobile phones have not been used for botnets so far, the conclusion we can draw here is that many Italians use wireless broadband…

Aug 19 2010

Given all the recent press about RIM having to open its email services to some governments, I felt like taking a look at another frequently used communications tool: Skype.

The famous German lawyer Udo Vetter reports that the German government can now listen in on Skype 2 Skype calls:

I asked the prosecutor if he could – now – check onto Skype to Skype calls. He confirmed this.

The Judge then went on to tell me that she saw some Skype protocols in very recent suits.

Given Vetter’s excellent reputation in German IT circles, I consider his statements true – looks like all the encryption hubbub was but marketing hyperbole…

Aug 03 2010

After the recent US ruling which declared jailbreaking Apple devices to be legal, Nokia heads over at symbian-freaks have accelerated their efforts to create custom ROMs.

A user called fonix232 recently posted the following to the Symbian DevCo mailing list – it gives a nice overview and “history” of the recent happenings:

Hacking into the system is just a word for accessing the phone’s restricted areas (c:\sys\bin, c:\private, etc) with a simple file browser. It can be done in many ways.

First, there was the HelloCarbide method. It was based on a system bug, which allowed access to any folder if a file browser was running at the moment of the bug abuse. So people did this, copied Z, and developed a method to install ANY software without the need of signing. That was done by modifying a value in InstallServer.exe, and then placing the modified executable in C:\sys\bin.

Nokia patched this on N95 V31, so we needed another way. The other way was to map C:\sys\bin as a different drive (yes it is possible on Symbian) and copy the executables and drivers of an application called ROMPatcher. This application does what its name says: applies patches on given areas of RAM. This made it possible for us to create mods on-the-go. No need for editing binaries anymore, but apply a patch, and it is already modified.

Nokia closed this hole again, with firmware 5800 v40. Then, there were no holes. After a little time and lots of thinking, a team called PNHT grabbed my partial research on the Nokia Firmware Format (file extension FPSX), and based on it, with a lot of help from an individual developer and modder Il.Socio, they made firmware editing possible for a few phones. This is an easy theory:

Nokia uses ROFS and ROM images in firmwares. ROM is for any base kernel executable – currently unmodifiable. ROFS1 is in CORE, just like ROM, and it contains a few stuff for ROM executables. ROFS2 contains languages, and other resources, like skins, and stuff. And finally, ROFS3 contains any carrier data. Now we have the possibility to edit ROFS2 and ROFS3, directly from the FPSX container. This way, we can integrate our favorite apps into our own custom firmwares, or set some options to other values by default, replace the base skin, port the Omnia HD’s homescreen, and such things.

So hacking is basically opening up the system for modding.

Not much more to add here…

Jun 26 2010

Apple has frequently removed applications from the store in the past. Amazon did so with an ebook and got an outcry…which is why Google originally planned to retain the kill switch in the Android OS for the absolute emergency.

Given that mobile phone security is becoming more and more of a topic, the situation has now arisen. A blog post by a Google engineer reads as follows:

Recently, we became aware of two free applications built by a security researcher for research purposes. These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them.

After the researcher voluntarily removed these applications from Android Market, we decided, per the Android Market Terms of Service, to exercise our remote application removal feature on the remaining installed copies to complete the cleanup.

As of now, nothing is known about these applications. Let’s see whether they will show up at one of the security conferences – if not, we could have our first black-hat targeting Android…

Apr 28 2010

Spam is an age-old topic. While most of us probably delete most spam messages on sight, there must be enough morons who actually read them or the whole game wouldn’t pay out for the spammers.

FlowTown.com have now created the image below:
[Image: How users perceive spam]

Unfortunately, their method of gathering the data was not disclosed…but it nevertheless makes for interesting reading!

Feb 23 2010

Owners of Linux-based routers are in for a “reverse treat” – a botnet called Chuck Norris attacks these devices.

PCWorld reports the following:

Once installed in the router’s memory, the bot blocks remote communication ports and begins to scan the network for other vulnerable machines. It is controlled via IRC.

Because the Chuck Norris botnet lives in the router’s RAM, it can be removed with a restart.

So: change that default password, folks!

Feb 14 2010

I guess that everybody who frequents the Tamoggemon Content Network is well aware that cell phone providers always know where your cell phone is. You lot probably also know that this data is often logged, and can theoretically be used for all kinds of data-mining processes.

So far, the common assumption was that cell phones will not be tracked without a court order. Unfortunately, this is untrue. CNet News reports the following:

In that case, the Obama administration has argued that warrantless tracking is permitted because Americans enjoy no “reasonable expectation of privacy” in their–or at least their cell phones’–whereabouts. U.S. Department of Justice lawyers say that “a customer’s Fourth Amendment rights are not violated when the phone company reveals to the government its own records” that show where a mobile device placed and received calls.

The message is short and sweet here: if your phone is on in the USA, the US government knows where you are. Do with that what you want to, and don’t hold us liable…

Jul 14 2008

TamsS60 covered the latest crop of S60v3-capable malware a few days ago. Actually, the program can’t be considered malware according to Whizs’ Tech Chronicles – the program’s EULA clearly states that the program will call premium-rate numbers.

Even though the program can technically not be considered a virus or dialer anymore, it’s nevertheless very bad “application behaviour” to perform cost-inducing actions without alerting the user. Serious applications like Fring or Resco News ask every time they connect to the Internet…

Dec 18 2007

As the cost per SMS keeps dropping lower and lower, SMS spam is becoming a significant problem for many users. Webgate’s SMS Spam Manager promises to be a spam filter for your S60 phone’s short messaging service inbox – can it stack up?

The Active Mode toggle allows you to configure the filter mode. The program can accept or block all incoming messages. Additionally, it can accept SMS only from people in the phonebook – or use a filter list:
[Screenshots: SMS Spam Manager]

Filters can be set up using the Rules tab. Filters can target specific phone numbers, number ranges (e.g. no calls from Zimbabwe for me) or specific text passages in the message body (e.g. no SMS from the ex for me):
[Screenshots: SMS Spam Manager]

SMS Spam Manager can lock itself as a “system service”, and can automatically start whenever your phone is powered up. Additionally, it can display a small icon whenever it is active:
[Screenshots: SMS Spam Manager]

Incoming spam messages are absorbed silently – they can be analyzed in the log tab. False positives can be moved to the inbox manually:
[Screenshots: SMS Spam Manager]
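The filter behaviour described above (the four modes, the three rule types, the silent log and the manual rescue of false positives) can be modelled in a few lines. This is an added sketch, not WebGate's code: the mode constants, class and function names are assumptions, and the phone numbers and messages are constructed.

```python
from dataclasses import dataclass, field

ACCEPT_ALL, BLOCK_ALL, PHONEBOOK_ONLY, FILTER_LIST = range(4)  # assumed mode names

def normalize(number):
    """Drop spacing and rewrite a leading 00 as + so numbers compare reliably."""
    kept = "".join(ch for ch in number if ch.isdigit() or ch == "+")
    return "+" + kept[2:] if kept.startswith("00") else kept

@dataclass
class Rule:
    kind: str   # "number", "prefix" (a number range) or "text"
    value: str

    def matches(self, sender, body):
        if self.kind == "number":
            return normalize(sender) == normalize(self.value)
        if self.kind == "prefix":
            return normalize(sender).startswith(normalize(self.value))
        return self.value.casefold() in body.casefold()   # "text" rule

@dataclass
class SmsFilter:
    mode: int
    phonebook: set = field(default_factory=set)
    rules: list = field(default_factory=list)
    inbox: list = field(default_factory=list)
    log: list = field(default_factory=list)   # silently absorbed messages

    def blocked(self, sender, body):
        if self.mode in (ACCEPT_ALL, BLOCK_ALL):
            return self.mode == BLOCK_ALL
        if self.mode == PHONEBOOK_ONLY:
            return normalize(sender) not in {normalize(n) for n in self.phonebook}
        return any(rule.matches(sender, body) for rule in self.rules)

    def receive(self, sender, body):
        is_spam = self.blocked(sender, body)
        (self.log if is_spam else self.inbox).append((sender, body))
        return is_spam

    def release(self, index):   # move a false positive from the log to the inbox
        self.inbox.append(self.log.pop(index))

def demo():
    """Constructed messages against a +263 range rule and a 'PPI' text rule."""
    f = SmsFilter(FILTER_LIST, rules=[Rule("prefix", "+263"), Rule("text", "ppi")])
    msgs = [("00263 77 000 0000", "Hello"), ("+44 7700 900123", "Reply PPI for more info"),
            ("+44 7700 900456", "Shipping confirmed"), ("+44 7700 900789", "Lunch?")]
    return f, [f.receive(s, b) for s, b in msgs]
```

The third constructed message is caught only because "Shipping" contains the substring "ppi", which is exactly the kind of false positive the log tab exists to rescue.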

This review looked at version 1.05(70) of SMS Spam Manager on a Nokia N71. The program needs 121KB of RAM and can be installed onto a memory card.

In the end, WebGate’s SMS Spam Manager is a killer tool against all kinds of SMS spam. Should your phone ever come under attack, get this application by all means. The price of $10 is a small fee to pay for total peace of mind…