Which Are The Mobile Attack Vectors? – There are several types of Mobile Attack Vectors and threats on a mobile device. Some of most basic threats are malware, data loss, and attack on integrity. An attacker may attempt to launch attacks through victims browser by a malicious website or a compromised legitimate website. Social engineering attacks, data loss, data theft, data exfilteration are common attacks on mobile technology,
Mobile attack vector includes:-
- Virus and RootKits
- Application Modification
- OS Modification
- Data leaves the organizations
- Print screen
- Copy to USB and Backup Loss
- Modification by another application
- Undetected tamper attempts
- Jail-broken devices
- Device Loss
- Unauthorized device access
- Application Vulnerability
Vulnerabilities and Risk on Mobile Platform
Apart from attacks on a mobile platform, there are also several vulnerabilities and risk in a mobile platform. The Most common risks are:-
- Losing Your Data – If your mobile device has been hacked, or a virus introduced, then all your stored data is lost and taken by the attacker.
- Bad use of your mobile resources – Which means that your network or mobile device can go in overload so you are unable to access your genuine services. In worse scenarios, to be used by the hacker to attach another machine or network.
- Reputation Loss – In case your Facebook account or business email account is hacked, the hacker can send fake messages to your friends, business partners and other contacts. This might damage your reputation.
- Indentity Theft – There can be a case of identity theft such as photo, name, address, credit card, etc. and the same can be used for a crime.
Application Sandboxing Issue
Sandboxing is one of the most important key components of security. It supports security as an itegrated component in a security solution. Sandboxing feature is much different from other traditional anti-virus and anti malware mechanisms.
Sandboxing technology offers enhanced protection by analysis of emerging threats, malware, malicious applications, etc. in a sophisticated environment with in-depth visibility and more granular control.
However, the advanced malicious application may be designed to bypass the sandboxing technology. frangmented codes and script with sleep timer are the common techiniques thar adopted by the attacker to bypass the inspection process.
Also Read this :- Pubg Hack ,
Mobile Spam and Phishing
Mobile Spamming is a spamming technique for the mobile platform in which unsolicited messages or emails are sent to the targets. These spams contain malicious links to reveal sensitive information.
Similarly, phishing attacks are also performed because of ease to setup and difficult to stop. Messages and email with prize-winning notifications and cash winning stories are the most commonly known spams. An attacker may either ask for credentials on a phone call, messages or redirect the user to malicious website, or compromised legitimate website through a link in a spam messages or email.
Bypassing Encryption Mechanisms and Exfiltrating Information
Spyware sends mobile content such as encrypted emails and messages to the attacker servers in plain text. The spyware does not directly attack the secure container. It grabs the data at the point where the user pulls up data from the secure container in order to read it. At that stage, when the content is decrypted for the user’s usage, the spyware takes controls of the content and sends it on.
Open Wi-Fi and Bluetooth Networks
Public Wi-Fi Unencrypted Wi-Fi and Bluetooth networks are another easy way for an attacker to intercept the communication and reveal information. User connected to public Wi-Fi intentionally or unintentionally may be a victim. BlueBugging, BlueSnarfing and Packet Sniffing are the common attacks on open wireless connection.
How Hackers Can Profit from Successfully Compromised Mobile?
In most cases most of us think what can we possibly lose in case our mobile is hacked. The answer is simple – we will lose our privacy. Our device will become a surveillance system for the hacker to observer us. Other activities of profit for the hacker is to take our sensitive data, make payments, carry out illegal activities like DDoS attacks. Following is a schematic representation:
Also Read This :- Facebook Hack, Hack Phone