Security firm demonstrates how smartphone hack is used by intelligence agencies to spy on users
The ways in which the intelligence agencies spy on mobile phones are never known to public. However, a UK security firm has given a demonstration to BBC to show the working of that one tool, which is sold around the world to spies.
Without the knowledge of the phone owner, the tool allows the spies to record conversations with the microphone and take pictures with a phone’s camera secretly. Recently, the hackers stole the Hacking Team’s software from the company and published it on the web.
It is very interesting to know how much this tool can do by it accessing nearly any data on a phone, tablet or PC. Joe Greenwood, of cybersecurity firm 4Armed, could not hold himself back from experimenting the source code for the programme that was dumped online by hackers.
Even though he had to fidget with the code to make it work, it only took a day for him to have it up and running. With a malware placed on the target device itself, the software has the surveillance console, which exhibits data extracted from a hacked device.
However, 4Armed pointed out that using the tool to spy on someone without their permission would be illegitimate.
In a short time, Mr Greenwood became fully aware of the scope of its capabilities after testing the software on his own PC.
“You can download files, record microphones, webcam images, websites visited, see what programmes are running, intercept Skype calls,” he told the BBC.
In-built features such as tracking of Bitcoin payments are also included in the software. However, it is not easy to connect with individuals without additional data such as when and how transactions were carried out.
Mr Greenwood in his live demonstration of the system showed how to use the phone’s camera without owner’s knowledge and how an infected phone could be used to record audio from the microphone while the device was locked.
“We can actually take photos without them realising.
“So the camera in the background is running, taking photos every number of seconds,” explained Mr Greenwood.
The demonstration also showed how one could access the contacts list stored on the handset, track what websites the phone user was visiting and it was also possible to listen in on phone conversations.
4Armed’s Technical Director, Marc Wickenden and Mr Greenwood, both pointed out that they were taken aback by the appearance of the interface.
Customers expect it to be user-friendly if they are to pay £1m upwards for the software, particularly if it was meant for use by law enforcers on the move, pointed out Marc Wickenden and Mr Greenwood.
However, though there are very few ways for the tracked user to discover that they are under observation.
According to Mr Greenwood, there is a drawback though which is the sudden increase in network data usage pointing out that the details are being transmitted somewhere else in the background. However, spies with experience would want to remain in disguise by ensuring that the usage of network data is minimized.
Currently, intelligence agencies would secretly deploy this spy software only on the phones and computers of people who are important targets.
Companies are methodically examining the source code and are in the process of updating their systems to identify the version of the spyware distributed online. This will enable the anti-virus programs to be detected more easily now.
Graham Cluley, a Security expert said it should be as easy to discover a malware.
“The danger will be that malicious hackers could take that code and augment it or change it so it no longer looks like Hacking Team’s versions, which might avoid detection,” he added.
He also added that keeping the software and operating systems as up to date as possible would be the best solution.
A Hacking Team spokesman in a statement said that on discovering the breach, it informed its customers not to use the software.
“As soon as the event was discovered, Hacking Team immediately advised all clients to discontinue the use of that version of the software, and the company provided a patch to assure that client surveillance data and other information stored on client systems was secure.
“From the beginning Hacking Team has assumed that the code that has been released is compromised,” he said.
The spokesman added that no sensitive data associated to ongoing investigations had been compromised in the breach, as the software would be operated by clients of Hacking Team, not Hacking Team itself.
“Of course, there are many who would use for their own purposes the information released by the criminals who attacked Hacking Team.
“This was apparently not a concern of the attackers who recklessly published the material for all online.
“Compiling the software would take considerable technical skill, so not just anyone could do that, but that is not to say it is impossible,” he said.