Abstract
As people are using their smartphones more frequently, cyber criminals are focusing their efforts on infecting smartphones rather than computers. This paper presents the design and implementation of a new type of mobile malware, named (U)SimMonitor for Android and iPhone devices, which attacks the baseband modem of mobile phones. In particular, the mobile malware is capable of stealing security credentials and sensitive information of the cellular technology including permanent and temporary identities, encryption keys and location of users. The developed malware operates in the background in a stealthy manner without disrupting the normal operation of the phone. We elaborate on the software architecture of (U)SimMonitor and provide implementation details for the specific AT commands used by the malware. We analyse the security impacts of (U)SimMonitor malware and we show that it can entirely breach the privacy of mobile users and the security of cellular networks. In particular, a mobile user with an infected phone can be identified and all his/her movements can be tracked. Moreover, all his/her encrypted phone calls and data sessions can be disclosed.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
