

How a Web Link Can Take Control of Your Phone - mdariani
http://www.technologyreview.com/computing/39824/?p1=MstRcnt

======
ge0rg
TL;DR: some guys bought a bunch of WebKit zero-days, gained root on an Android
2.x device, installed a surveillance app and demoed it at RSA conf.

It would be nice to get hold of some more of the technical details involved.

~~~
jacquesm
It would have been nicer still if they had helped to patch the holes in WebKit
after showing their demo.

~~~
mikeash
Given the ancient versions of Android they're exploiting, it wouldn't surprise
me if the holes were already fixed.

~~~
jacquesm
It'd be pretty silly to classify these as 0-day exploits that they paid for
then!

~~~
mikeash
I suppose so. The article does say "The attackers spent $1,400 on the black
market for the details of 14 known, but not patched, bugs in WebKit." Yet it
also explicitly mentions specific, old versions of Android which have the
holes. This seems like something of a contradiction.

------
ajray
Maybe I'm not sure about how tech-savvy most people are, but when I get a text
message from an unknown number claiming to be my provider asking me to click a
web link to update my phone, I know something's up.

~~~
prof_hobart
It doesn't have to be an unknown number. Certainly in the UK, it's pretty easy
to send an SMS with any name (text or number) you want in place of the phone
number. And I suspect that most people aren't that tech-smart to realise that
a text claiming to be from T-Mobile isn't actually from them.

------
emmelaich
It's not that clear, but apparently this requires the pre-installation of a
malicious app.

Quote: "The CrowdStrike team reverse engineered a Remote Access Tool (RAT)
called Nickispy (a RAT from China that successfully disguised itself as a
Google+ app)."

from
[http://blogs.computerworld.com/19803/mobile_rat_attack_makes...](http://blogs.computerworld.com/19803/mobile_rat_attack_makes_android_the_ultimate_spy_tool)

------
Cieplak
I'm curious if they used any Flash exploits in addition to the webkit
vulnerabilities.

