Android Mobile Takeover basics

A mobile device allows communication between users over radio frequencies. It is used to send mail, share multimedia and access the internet. Mobile devices have now taken over from desktops and other computers: they enable users to access email, browse the internet, navigate via GPS and store critical data such as calendars, passwords, etc. They also help users perform transactions such as purchasing goods, booking tickets and banking. People are relying less on computers as mobiles have made life simpler.
According to App Annie reports posted in 2015, the mobile application industry generated $41.1 billion in gross annual revenue, and this figure will rise to $50.9 billion by 2016. Gross annual revenue is estimated to exceed $189 billion by 2020. Analysts at Juniper Research even predicted that the market for payments and transactions made via mobile banking applications would grow to $1.3 trillion worldwide by 2017.
Mobiles have brought technological advances such as the ability to send messages and email and to download applications over the internet, and hackers misuse these advances for malicious purposes: sending malformed APK files, or click attacks that lure victims to fancy links, through which the attacker gains partial or complete control over the victim's system for his/her personal benefit.
Phone/mobile hacking is the practice of manipulating or gaining unauthorized access to mobile phones for malicious purposes.
There are two types of attack used on the mobile sector, and these are:


· SMS forwarding
· Bluetooth hacking
· Malicious website clicking
· Malicious apps


All of these provide huge hack value to an attacker when he/she exploits a mobile system to gain access partially or at root level. Thus:
SMS forwarders + malicious apps = paying for premium rate numbers
Concept
One of the most insidious attacks is called SMS forwarders. These are essentially Trojans that steal authentication or verification codes sent via text message by online payment service providers. The codes are intercepted and used by cyber villains to penetrate customer accounts. Another sneaky method, and one that is very easy to fall victim to, is a scam connected to some lottery. Hackers are getting modems which they use to send almost 10,000 text messages an hour, advertising products or directing users to websites loaded with ID-stealing Trojans. It is difficult for cyber experts to get a handle on this type of activity because most of it is carried out on the deep web, where hackers mask and hide their online locations.
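A defender can triage an app for the SMS-forwarder pattern described above from its requested permissions alone. The following is an added example, not part of the original post; it assumes the text output of `aapt dump permissions`, and the rule names, permission groupings and sample packages are constructed for illustration.

```python
import re

PREFIX = "android.permission."
# Groupings below are assumptions chosen for this example, not an official taxonomy.
INTERCEPT = {"RECEIVE_SMS", "READ_SMS"}   # can see incoming verification codes
RELAY = {"INTERNET", "SEND_SMS"}          # can move them off the device
SURVEILLANCE = {"CAMERA", "RECORD_AUDIO", "READ_CALL_LOG", "READ_CONTACTS"}

# Matches both aapt spellings: name='android.permission.X' and bare android.permission.X
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'?([\w.]+)'?")


def parse_permissions(dump):
    """Return (package, set of short permission names) from aapt text output."""
    package, perms = None, set()
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("package:"):
            package = line.split(":", 1)[1].strip()
        match = PERM_RE.match(line)
        if match:
            name = match.group(1)
            perms.add(name[len(PREFIX):] if name.startswith(PREFIX) else name)
    return package, perms


def triage(dump):
    """Map each triggered rule to the permissions that triggered it."""
    package, perms = parse_permissions(dump)
    findings = {}
    if perms & INTERCEPT and perms & RELAY:
        findings["sms-forwarder"] = sorted(perms & (INTERCEPT | RELAY))
    if "SEND_SMS" in perms:
        findings["premium-sms"] = ["SEND_SMS"]
    if len(perms & SURVEILLANCE) >= 3:
        findings["surveillance"] = sorted(perms & SURVEILLANCE)
    return package, findings


# Constructed samples in the text format of `aapt dump permissions`.
SAMPLE_SUSPECT = """package: com.example.flashlight
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.RECEIVE_SMS'
uses-permission: name='android.permission.SEND_SMS'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.RECORD_AUDIO'
uses-permission: name='android.permission.READ_CALL_LOG'
"""
SAMPLE_BENIGN = "package: com.example.notes\nuses-permission: android.permission.INTERNET\n"
```

A hit is a reason to look closer, not a verdict: legitimate messaging apps request the same permissions, so weigh the findings against what the app claims to do.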
It is interesting, and obvious, to note that most mobile malware attacks across wireless networks are aimed at Android phones. This is because the architecture is open and as such more vulnerable than Apple's proprietary iOS platform.
Countries that experience the highest number of attacks on mobile banking applications are Russia (40 percent), India (8 percent), Ukraine (4 percent), Vietnam (4 percent) and the UK (3 percent). India gets a huge number of banking attacks because, in the field of cyber security, India is still developing towards the world level. In 2016, malicious software programs like Acecard and GM Bot gained popularity around the world. Cyber thieves used such malware to steal banking credentials from unsuspecting consumers when they logged on to their bank accounts via their mobile phones, according to law-enforcement officials and cyber security specialists. It is difficult to quantify how much money has been stolen as a result of the mobile-phone malware, mostly because the thieves can access an account through any normal channel after they steal credentials through a phone.
Steps to hack an Android
1. Use ‘msfconsole’ in a terminal to open the Metasploit framework in Kali Linux.

2. Look through the different exploits using the command ‘show exploits’ and find the useful exploit for Android.

3. Use ‘exploit meterpreter reverse tcp’ to connect and set the local host and local port, i.e. the attacker IP and port. This will help in generating a file with the apk extension. (refer to the image below)

4. Set the payload, set the values of LHOST and LPORT, and exploit this payload so as to gain a meterpreter connection whenever the victim connects to the Android.

5. Install Android x86 in VMware for mobile simulation.

6. Start the Apache service in the attacker profile and manipulate the victim to access, open and install your shared file.

7. Once the installation is complete, the meterpreter connection is established and the attacker gains access to the victim’s mobile system, giving her/him access to all dump files, call history, messages and even all personal data from the victim’s phone.

8. With different kinds of hacking access modes, the attacker can manipulate and spoof calls and messages from the victim’s phone. They can even access the victim’s phone camera without their knowledge.


Don’t become prey to attackers

Every month, people download lots of malware and untrusted apps that make their systems vulnerable to such attacks, and can even leave them compromised as a bot for an attacker. Understanding the grave nature of Android attacks, one needs to check the certificates of applications before downloading and ensure these applications come from a trusted source. Download apps and data from trusted partners only.
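One way to make the certificate check concrete is to compare an APK's signing-certificate digest with a digest obtained from the publisher before installing. This is an added example, not part of the original post; it assumes text shaped like the output of `apksigner verify --print-certs`, and the publisher name, allowlist and digests are constructed placeholders.

```python
import re

# Constructed allowlist: publisher -> SHA-256 digest of its signing certificate.
# The digest is a placeholder; obtain the real one from the publisher out of band.
TRUSTED = {"Example Bank": "ab" * 32}

SIGNER_RE = re.compile(r"^Signer #(\d+) certificate (DN|SHA-256 digest): (.+)$")


def parse_signers(output):
    """Collect DN and SHA-256 digest per signer from apksigner text output."""
    signers = {}
    for line in output.splitlines():
        match = SIGNER_RE.match(line.strip())
        if match:
            index, field, value = match.groups()
            entry = signers.setdefault(int(index), {})
            if field == "DN":
                entry["dn"] = value.strip()
            else:
                entry["sha256"] = value.strip().lower()
    return signers


def check_apk(output, trusted=TRUSTED):
    """Return (ok, reason); every signer must be on the allowlist."""
    signers = parse_signers(output)
    if not signers:
        return False, "no verified signer in apksigner output"
    by_digest = {digest.lower(): name for name, digest in trusted.items()}
    names = set()
    for index, entry in sorted(signers.items()):
        if "CN=Android Debug" in entry.get("dn", ""):
            return False, f"signer #{index} uses the Android debug certificate"
        name = by_digest.get(entry.get("sha256"))
        if name is None:
            return False, f"signer #{index} certificate is not on the allowlist"
        names.add(name)
    return True, "signed by " + ", ".join(sorted(names))


# Constructed samples shaped like `apksigner verify --print-certs` output.
GOOD = ("Signer #1 certificate DN: CN=Example Bank, O=Example Bank Ltd, C=GB\n"
        "Signer #1 certificate SHA-256 digest: " + "ab" * 32 + "\n")
DEBUG = ("Signer #1 certificate DN: CN=Android Debug, O=Android, C=US\n"
         "Signer #1 certificate SHA-256 digest: " + "cd" * 32 + "\n")
UNKNOWN = ("Signer #1 certificate DN: CN=Example Bank, O=Example Bank Ltd, C=GB\n"
           "Signer #1 certificate SHA-256 digest: " + "ef" * 32 + "\n")
```

The `UNKNOWN` sample carries the same DN as the trusted one: the DN is whatever the signer typed in, so only the digest comparison carries weight.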
