Cyber Security Tip & Tricks

Friday, December 26, 2008

Nokia Phones vulnerable to Java Attacks

Nokia Phones vulnerable to Java Attacks

A pair of critical vulnerabilities in Sun Microsystems Inc.’s Java technology for mobile devices could be used by hackers to surreptitiously make calls, record conversations, and access information on Nokia Series 40 cell phones, a Polish researcher said Monday.

Adam Gowdiak, a researcher who has found numerous bugs in Java 2 Micro Edition (J2ME) in the past, said he reported the two vulnerabilities to Sun last Thursday, and notified Nokia the same day of the security issues in its handsets. However, Gowdiak is taking a disclosure tack he admitted will be controversial. He has provided the vendors with only a small subset of the information he’s uncovered, approximately one-to-two pages worth. To obtain the remainder, which includes proof-of-concept code, Sun or Nokia will have to pony up $29,826.

The flaws can be used by attackers to force-feed malicious Java applications to Nokia Series 40 phones, said Gowdiak. Those applications, in turn, could be crafted to conduct all kinds of mischief, including making phone calls from the phone, sending text messages from the phone, and recording audio or video. Hackers could also access any file on a Nokia 40 model phone, obtain read and write access to the phone’s contact list, access the phone’s SIM card, and more, added Gowdiak.

“This can completely wipe out any security within J2ME,” said Gowdiak in an interview Monday. “It allows [attackers] to do anything malicious on any mobile device.”

All told, Gowdiak said he had found 14 security issues with the Nokia Series 40 handsets. The Series 40 is the world’s most widely-used mobile platform, according to Nokia. Gowdiak estimated that approximately 140 different Nokia handsets use the Series 40 platform.

All an attacker needs to hack a specific Series 40 handset is its phone number, Gowdiak claimed. A security flaw in the platform can be exploited by simply sending a maliciously crafted series of messages to a given phone. “By combining the vulnerabilities with the Series 40 issues, one could develop malware which could be simply deployed. And that malware won’t be visible to the user,” he said.

Gowdiak tested seven different Nokia Series 40 handsets — “At least one from each major family in the series,” he said — but he suspects that other manufacturers’ phones that use J2ME may also be vulnerable.

He said that the most current version of Sun’s Java Wireless Toolkit also contains the critical bugs. The Toolkit is essentially a software developer’s toolkit, or SDK, for building wireless applications based on J2ME. The implication, said Gowdiak, is that any application created with the Toolkit would also be open to attack, including those installed on handsets other than Nokia’s.

Nokia did not respond to a request for comment Monday, and although Sun did return a call, its spokeswoman did not have any immediate information about the vulnerabilities reported by Gowdiak.

For his part, Gowdiak said security teams at both companies had confirmed receiving his reports last week. “They seem to be working on these issues,” he added.

But the vulnerabilities may not be what many focus on, Gowdiak admitted.

To fund his start-up — a Polish-based company called Security Explorations — Gowdiak is selling copies of his research for 20,000 euros each. “There are six long months of work in this research,” he said in justifying the price. “It was an enormous amount of research.”

But Gowdiak is savvy enough to know that the move will be controversial. “Of course. The whole security arena is divided,” he argued. “Some will be against this and some will be for it.”

He said that the amount of information he had turned over to Sun and Nokia was “similar” to what he had disclosed to vendors previously. “We’re not blackmailers, we’re not black hats,” he said. “They have a choice whether they want to sign up for our security research or whether they want to [devote] research engineers of their own to investigate the vulnerabilities.

“But in our opinion, they have full vulnerability information.”

He also stressed the special nature of the vulnerabilities he had discovered. “This is the first time that such a widespread and critical attack has been demonstrated against Nokia’s Series 40 devices,” he said. “We have proved that these devices can be hacked and infected with malware in a very similar way PC computers are.”

Still, he was on the defensive. “Some people will attack us, and hate us,” he said, for selling research in this fashion. “But in time, people will be able to judge on their own whether we got it right.”

He stopped short, however, of promising to release more information once Sun and/or Nokia had patched their software. “We’re considering it,” was as far as he would go.

(Source:ComputerWorld)

3 comments:

  1. your idea is great. sometimes nokia dosent work well with java apps.
    http://bestnewphones.blogspot.com

    ReplyDelete
  2. A really way to hack hotmail passwords! This service is absolutely 100% no bullsh*! They really do what they say they will do and they do it quick. My advice to anyone who uses this service, however, is to really take some time to think about if you really want to go digging; because when you go digging what you will usually find, as they say, is dirt. I personally feel very liberated having found out what I did, but i also had sort of prepared myself for it beforehand and had a gut feeling already. I needed absolute proof, though, and I got it. Be careful what you wish for because if its getting into your ex's email, http://www.ActiveHackers.com will grant your wish.

    I don't know what to say... I'm absolutely FLOORED. I hired them to hack into my ex's hotmail email. After about a week I became very skeptical. "OK, this guy's just making fake guestbook entries and collecting cash...". I emailed them asking if this was the case, he kindly responded that he was working on it. Next day, a screenshot. Not a doctored screenshot, because I remember what the inbox looks like and all the folders in it. No, it was real, with real emails from me. I was still skeptical, thinking, "OK, maybe he has some program that can do that, but can it really get passwords, can he hack hotmail email?" I paid, in reality it is not a lot of money in the end. The password even made me skeptical, it was so simple. Certainly it's possible, I've researched it, but could this guy really be who he says he is? But low and behold, it's the real one. I'm shocked from my doubt. This guy Active Hackers is the real thing. I'm still in shock. Thanks man, I can't thank you enough. My heart can breathe a little better, now.

    That is what of how to hack a password, hire them http://www.activehackers.com if you want to know how to get into someone's hotmail account. They provide the easy way to hack yahoo and easy way to hack msn messenger. Just to help other people who may need their facebook hacking services.

    ReplyDelete

Recent Comments