Industry News | In Practice | The Bigger Picture | Digital Marketing | Your Business | Latest Research

Latest Articles

How mobiles & Facebook changed buying decisions of men and women

We all know that our gender influences our buying decisions. But what affects your response to online ads? According to recent studies, 56% of men who surf the web are more likely to respond to ads with coupons compared to women (39%). By Alex Hillsberg.

more

A client’s guide: How to approve a Google AdWords ad text

With more money spent on Google AdWords in the UK than on ITV, Channel 4 and 5 put together, attention is now turning to the creative element of the medium. The AdWords medium work in a unique waymeaning that clients have to evaluate prospective ad texts in a way that’s different to any other medium, with science and craft both playing a role. By Paul Booth.

more

Bing attracting advertisers as ad spend far outstrips Google

Ad spend on Microsoft’s Bing search engine grew at twice the rate of spending on arch rival Google in the first quarter of 2014, according to a new report. New Media Knowledge crunched the numbers. By Chris Lee.

more

Related Articles

Want to spy? The risk of applications

Filed under: All Articles > Industry News
Tags:
By: NMK Created on: January 28th, 2014
Bookmark this article with: Delicious Digg StumbleUpon

Spyware or legitimate monitoring application? You decide. In their latest blog, the Zscaler ThreatLabZ research team discuss a ‘legitimate’ app that can be purchased in Google Play known as SMS Tracker. Now, it’s legitimate as it advertises exactly what it does, but based on how this same application is packaged and distributed in other markets, some audiences may have less altruistic goals with this same application. The app also illustrates the powerful access permissions that an application can gain so long as the end user agrees to it, either explicitly or otherwise. By Viral Gandhi.

 

By Viral Gandhi

Details about the application:

Name: SMS Tracker.

Installs: 10,000-15,000.

Description: http://smstracker.com/  

As per the description on the application’s Google Play page, the application is able to do the following:

• SMS Tracking – Intercepts text messages. Read all inbound and outbound text messages. Details include time and date, phone number, contact name and location of the target phone. Complete Text message tracking and logging.

• MMS tracking - Intercepts MMS multimedia messages. Read and view all inbound and outbound MMS messages. See what photos are sent to and from the target phone. Details include photo, time and date, phone number, contact name and location of the target phone.

• Browser Tracking – monitors all web browser activity on the target phone. Know which websites were visited, which pages were viewed and when.

• GPS Tracking – Logs GPS location information which can later be viewed on a map. Know when and where the phone was located at all times. Breadcrumbs to record location information allowing parents to locate their children at frequent intervals. GPS logging occurs at a user defined rate (default interval is 5 minutes). Remote GPS logging and viewing give you the ability to see the location of your child’s phone, from any web browser. The bread crumb trail offers powerful GPS Tracking.

• Call Logging – Monitors all inbound, outbound and missed calls. Identifies the phone number, contact name, call duration, and location of the phone for every call.

• If you want to know where your kids are, just send them a text message. The location of the phone is.

• Recorded every time it sends or receives a text message.

• Tracking of System Events, including Device Powered On/Off, Device Attached / Removed to/from the charger, Apps installed/removed/updated.

• Silently monitor all inbound and outbound SMS messages.

 

How the app can be used?

First you need to download the application and install it on the device on which you want to spy. After installing an application you need to register it. Next, you need to go to http://smstracker.com, where you will be asked for your login name and password, which was registered at a time of installing the application.

This screenshot shows the dashboard after login.

This screenshot shows the page where you can see logging from the device. It covers SMS, device information, call logs, network traffic, location details, etc.

Concerns

In another context, an application with these capabilities could be labelled as spyware. At the vendor's (http://smstracker.com/download.php ) they are selling a repackaged version of this app which has the same functionality but does not leave an icon on the device, thus making it stealthier and harder to detect following installation. This version also does not contain the notification icon or privacy policy screen. Why the transparency? What audience is this version targeting?

This same application could also serve generic template for other spyware projects by being wrapped with other code to provide the core functionality needed to create another malicious app. This type of app clearly shows the powerful level of access that can be granted to Android apps, so long as users grant permission. An app can access SMS, call logs, network traffic, hardware details, screen details etc. Always carefully read the permissions requested by an application before installing it on your device.

The vendor is promoting this application as a tool for monitoring the mobile activities of your children. However, this same app would be a very effective tool for spying on someone once installed on their phone. You just need to install the app on the device which you want to spy and you are done. All the information about the device and all call and SMS logs can then be remotely monitored.

Moreover, all of the user's private data is stored on the vendor's server. What guarantees are in place that the private data will remain private? In the increasingly common enterprise world of “Bring Your Own Device” (BYOD), such applications could be leveraged to expose corporate contact lists, email, browsing information and collect private data from corporate apps in the workplace. Enterprises often block access to 'non-official' app stores to prevent the installation of such apps, but this illustrates that such a restriction is no guarantee that spyware can't be installed from an official source.

Virustotal scan results

The application available from the vendor site (smstracker.com): https://www.virustotal.com/en/file/21aa6c6652287413f07ddfbcadea84441a500ee12816dfe4beed913e4a0fa636/analysis/  

The Google Play store’s version: https://www.virustotal.com/en/file/a3b40fa9fea9600b55d4d07fd4f0358ee74e6924c342c5857c2a5311f7a11ed3/analysis/  

Interestingly, despite virtually the same functionality, far fewer AV vendors flag the Google Play version as malicious.

About the author

Zscaler ThreatLabZ is the global security research team for Zscaler. Leveraging an aggregate view of billions of daily web transaction, from millions of users across the globe, Zscaler ThreatLabZ identifies new and emerging threats as they occur, and deploys protections across the Zscaler Security Cloud in real time to protect you from advanced threats.

About the company

Zscaler is transforming enterprise security with the world’s largest Security Cloud built from the ground up to safely enable users doing business beyond the corporate network. Zscaler’s Security Cloud processes over 12 billion transactions a day with near-zero latency to instantly secure over 12 million users in 180 countries, with no hardware or software required. More than 4,500 global enterprises are using Zscaler today to simplify their IT operations, consolidate point security products, and securely enable their business for mobility, cloud and social media.

Appliance-based network security solutions were designed to protect static corporate networks, and routing mobile and remote traffic through these appliances often slows traffic to an extent that negatively impacts the user experience. Zscaler’s Security Cloud acts as a checkpost in the cloud, scanning all incoming and outgoing traffic between any device, anywhere in the world, and the Internet to identify and block potential threats.

Zscaler’s Security Cloud solutions are used by more than 4,500 global enterprises to secure over 12 million users worldwide. Their current customers are large global industry leaders that are trying to solve the difficult challenges of securing users beyond their corporate network. Their largest customer is National Health Services (NHS) with 1.6 million users. Other customers include British American Tobacco (BAT), which uses Zscaler to secure users in over 180 countries, as well as Society General, RalCorp, Pitney Bowes, and VMware. We also offer Zscaler through relationships with Internet Service Providers such as BT, Verizon, Telefonica and Swisscom.

http://www.zscaler.com/  

http://www.zscaler.com/threatlabz/

Comments

You must be logged in to comment.

Log into NMK

Register

Lost Password?

Newsletter


For the latest news from NMK enter your email address and click subscribe: