3 December 2015

Desperate times… How Israel spy company uses zero-days to steals all data from your phone or tablet

Desperate times… How Israel spy company uses zero-days to steals all data from your phone or tablet

ibtimes published yesterday an article about InterApp system, developed by Rayzone Group. According to vendor’s brochure, the device can be places in a public place. It uses vulnerabilities in mobile apps to gain complete access to your phone and steal all information from the phone and the cloud:

“InterApp is fully transparent to the target and does not require any cooperation from the phone owner. The only required condition is that the WIFI transmitter of the mobile device will be open (No need to surf the web)”.

And they claim Dropbox support as well :)

The zero-day market for mobile apps is huge now, but I personally do not think this is the way they do it. Most likely vendor uses zero-day vulnerability in mobile OS (e.g. Android, iOS) or they already have preinstalled backdoor. This accusation is huge, because this means, that no matter you do, your phone can be accessed at any time anywhere. And usual app would not be able to send any data through Wi-Fi channels without an actual Wi-Fi connection with AP. At least it should not :)

Challenge of the year: let’s search for that zero-day! :)

Back to the list

Latest Posts

ATM Skimmers: What You Should Know

ATM Skimmers: What You Should Know

We hear about data breaches every day, criminals sell credit cards details (numbers, expiration date, and cardholders’ names) on black markets, and more people become victims of identity theft.
16 November 2017
Review of November’s Patch Tuesday for Microsoft, Adobe, and Mozilla

Review of November’s Patch Tuesday for Microsoft, Adobe, and Mozilla

The TOP software vendors fixed yesterday 153 vulnerabilities.
15 November 2017
Week in review: major cybersecurity incidents in November 6-12

Week in review: major cybersecurity incidents in November 6-12

The article contains a brief report of cybersecurity incidents for the past week.
14 November 2017