How to hack a phone: 7 common attack methods explained

Mobile security often beats PCs, but users can still be fooled and smartphones can still be hacked. Here’s what you need to watch for.

 


7 ways to hack a phone

  1. Social engineering
  2. Malvertising
  3. Smishing
  4. Malware
  5. Pretexting
  6. Breaking in via Bluetooth
  7. Man-in-the-middle Wi-Fi attacks

1. Social engineering

 

The easiest way for a hacker to get into any device is for the user to open the door. Achieving this is certainly easier said than done, but it is the goal of most social engineering attacks.

Smartphone operating systems typically have stricter security rules than computers or servers, with application code running in isolation, which prevents unauthorized access and device hijacking. But this security model, where mobile users must take affirmative action before code can access protected areas of the phone's operating system or storage, has a downside: it causes a lot of pop-up messages, which we learn to tune out. "Mobile apps remove specific permissions to protect your users from malicious apps that exploit free-for-all data," said Catalino Vega III, security analyst at Kuma LLC. A prompt appears: "Do you want to allow this app to access your photos?"

"It really adds one more step to getting into the program," he said. "With how the user experience receives some offers as a gateway to access features, most users will allow the application to access what they want. I think that's something we are all guilty of."

2. Malvertising

 


A very important vector for this type of fraudulent communication is "malvertising" (malicious advertising), which piggybacks on the infrastructure created for the mobile advertising ecosystem, whether in browsers or in applications.

"The goal is to get you to click on ads," says Chuck Everett, director of cyber advertising at Deep Instinct. "They try to trick you with something that will hit you sooner than you think - a panic reaction or a warning or a warning." The goal, he said, is to "scare or trick you into clicking a link."

For example, there is a game called Stop, designed to coax users into unlocking their Android phones by tricking them into disabling security features and installing other malware. Parking is not available in the official Google Play market. "67% of malware can be downloaded from the Google Play Store, while only 10% comes from third-party markets," he said. "On Google Play, users rely on other users' reviews to determine whether an application is safe or not. Do not use it." Instead, "Apple carefully reviews every app in the app store, which reduces the number of apps, but significantly reduces the number of apps reported as malicious."

3. Smishing

 

Another vector attackers use to get that important clickable link in front of their victims is SMS text messaging, with a completely different set of social engineering tricks in play. This practice is known as SMS phishing, or smishing, and it catches the unsuspecting as well as high-level executives.

"Depending on the intentions and goals of cybercriminals, there are different ways to use SMS phishing," said Rasmus Holst, CRO of Wire. "If the goal is to install malware on a device, a file is attached with a message that convinces the user to click and download it. For example, a cybercriminal can pretend to be a trusted person, such as an employer or manager asking an employee to review an attached document, to set a trap for an unsuspecting victim. Two years ago, Jeff Bezos' phone was hacked after he downloaded a single video file from a trusted contact. In some cases, hackers using zero-days in mobile browsers can send malicious files to the phone without user permission when the link is clicked."

4. Malware

 

If hackers can't trick you into clicking a button and accidentally lowering your phone's security barrier, they can look for someone who has already done so on purpose by jailbreaking their phone. Many believe that jailbreaking allows users to customize their devices and install apps they want from unofficial sources, but it also weakens the strong security sandbox that keeps smartphones locked down.

"Hackers create legitimate applications, such as free VPNs, so that users download malware onto unsuspecting users' devices," he said. "Once this malware is installed on a device, they detect whether the device is rooted or jailbroken - if so, they steal identifying information and other sensitive information. Once the device is jailbroken, the operating system is compromised and it is easy to access passwords, chats, bank accounts, and other login information, such as payment information."

5. Pretexting

If the user won't give up control of their device willingly, an attacker can go over their head to their mobile provider. You might remember the mid '00s British media scandal in which tabloids used what they called "blagging" techniques to access the mobile voicemail boxes of celebrities and crime victims. This process, also known as pretexting, involves an attacker piecing together enough personal information about their victim to plausibly impersonate them in communications with their phone provider and thus getting access to the victim's account.

The tabloids were just after scoops, but criminals can use the same techniques to do even more damage. "If successfully verified, the attacker convinces the phone carrier to transfer the victim's phone number to a device they possess, in what's known as a SIM swap," says Adam Kohnke, Information Security Manager at the Infosec Institute. "Calls, texts, and access codes—like the second-factor authentication codes your bank or financial providers send to your phone via SMS—now go to the attacker and not you."

6. Breaking in via Bluetooth

There are a pair of wireless attack vectors that hackers can use to breach phones without tricking anyone into giving up permissions. Both require physical proximity to the target but can sometimes be pulled off in public spaces. "The Bluetooth connection is one of the weak spots for a smartphone, and hackers often use special methods to connect to devices that operate on Bluetooth and hack them," says Aleksandr Maklakov, a tech and security expert and CIO at MacKeeper. "This is a common hacking method because many people keep their Bluetooth connection on. If a Bluetooth connection is unregulated, hackers can get close to your smartphone and hack their way in without notice."


7. Man-in-the-middle Wi-Fi attacks

Another potential wireless attack vector is a man-in-the-middle Wi-Fi attack. "Many people tend to connect their smartphones with the freely available public Wi-Fi whenever they get an opportunity," explains Peter Baltazar, a cybersecurity expert and technical writer at MalwareFox.com. "This habit can lead to major trouble as clever hackers can intercept the connection and infiltrate the phone." By intercepting communications, hackers can get a wealth of information without ever taking control of the user's phone. (Communication that uses TLS 1.3 is much more difficult to intercept in this way, but that protocol still hasn't been universally rolled out.)


They’ve broken in, now what?


Once an attacker has used one of the techniques outlined above to gain a foothold on a smartphone, what's their next step? While smartphone OSes are ultimately derived from Unix-like systems, an attacker who's managed to force a breach will find themselves in a very different environment from a PC or server, says Callum Duncan, director at Sencode Cybersecurity.

"Most apps interface with the operating system and other applications on what are essentially API calls," he explains. "The kernels for iOS and Android are so vastly different from anything that would resemble their Unix base that shared exploits would be almost impossible. Command lines do exist for both devices but are only accessible at the highest level of privilege for both devices and can usually only be accessed by rooting or jailbreaking the device."

But just because it's hard doesn't mean it's impossible. "Exploits of that type do exist," Duncan says. "Privilege escalation would be key to this process and working around inbuilt safety mechanisms would be hard, but any attacker with the ability to run code on a user's device is doing just that — running code on a user's device — so if they're smart enough they could make that device do whatever they please."

Caitlin Johanson, Director of the Application Security Center of Excellence at Coalfire, says that a surprising amount of sensitive data is accessible to attackers who gain a foothold on a device. "Data stores such as SQLite get created by installed apps and could contain everything from web request and response content to potentially sensitive information and cookies," she explains. "Common weaknesses observed in both iOS and Android include caching of application data within memory (such as authentication credentials), as well as persistence of thumbnails or snapshots of the running application, which could inadvertently store sensitive information to the device. Sensitive information—most often left unencrypted—is found in abundance within browser cookie values, crash files, preference files, and web cache content created in easy-to-read formats stored right on the device."

"The very tools created for development purposes are what makes it easier for an attacker to extract, interact with, or even modify this kind of data, such as adb on Android or iExplorer or plutil on iOS," she continues. "Standard utilities can be used for the examination of any database files copied from the device, and if we run into the need to decrypt, there’s tools like Frida to run scripts to decrypt stored values."
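
An added example, not from the original article: a small audit script that an app developer or assessor could run over database files copied from their own test device, to find the kind of unencrypted tokens and cookies Johanson describes. The column-name and JWT heuristics, the function names, and the sample database are assumptions constructed for illustration.

```python
import re
import sqlite3
import tempfile
from pathlib import Path

# Heuristics (assumptions for this example): column names and value shapes
# that suggest credentials or session material stored in the clear.
SENSITIVE_COLUMN = re.compile(r"pass(word)?|token|secret|cookie|session", re.I)
JWT_SHAPE = re.compile(r"eyJ[\w-]+\.[\w-]+\.[\w-]+")

def audit_sqlite(db_path):
    """Return sorted (table, column, reason) findings for one SQLite file."""
    findings = set()
    # Open read-only so the audit never modifies the app's data.
    conn = sqlite3.connect(f"file:{db_path}?mode=ro", uri=True)
    try:
        tables = [r[0] for r in conn.execute(
            "SELECT name FROM sqlite_master WHERE type='table'")]
        for table in tables:
            cur = conn.execute('SELECT * FROM "%s"' % table.replace('"', '""'))
            columns = [d[0] for d in cur.description]
            for row in cur:
                for column, value in zip(columns, row):
                    if not isinstance(value, str) or not value:
                        continue
                    if JWT_SHAPE.search(value):
                        findings.add((table, column, "JWT-shaped value"))
                    elif SENSITIVE_COLUMN.search(column):
                        findings.add((table, column, "plaintext in sensitive column"))
    finally:
        conn.close()
    return sorted(findings)

def build_sample_db(directory):
    """Constructed sample: a cached web response and a settings table."""
    path = Path(directory) / "app_cache.db"
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE http_cache (url TEXT, response_body TEXT)")
    conn.execute("CREATE TABLE settings (theme TEXT, session_cookie TEXT)")
    body = '{"access_token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIn0.c2lnbmF0dXJl"}'
    conn.execute("INSERT INTO http_cache VALUES (?, ?)",
                 ("https://api.example.test/login", body))
    conn.execute("INSERT INTO settings VALUES (?, ?)", ("dark", "SID=constructed-value"))
    conn.commit()
    conn.close()
    return path

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_sqlite(build_sample_db(tmp)))
```

Each finding names a table and column that should be moved to platform-protected storage or encrypted before release.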

Thick (like Hacker)




We don't mean to oversell how simple any of this is. Most users don't jailbreak their phones, click smishing links, or give enhanced privileges to dodgy applications. Even when hackers do gain a foothold on a device, they're often stymied by iOS and Android's built-in security measures.

Perhaps more than any specific technique outlined here, the way to hack a smartphone is via sheer determination. "Attackers create highly repeatable and automated models that pick and pry at every angle of a mobile app or a new operating system version in hope of finding a weak point," explains Hank Schless, Senior Manager at Security Solutions at Lookout. "Once they find an exploitable weakness, they try to use it to their advantage as quickly as possible before a fix is released."

And if you can't figure out how to breach a cell phone, well, maybe you can find a friend who can help. "Information sharing among cybercriminals most commonly occurs either on the dark web or in groups on encrypted chat platforms like Telegram," Schless says. "Larger groups, such as those backed by nation-states, are encouraged to share code and exploits amongst each other with the hope that collective efforts will help create more successful malicious campaigns." The good guys need to share intelligence too, because they clearly have their work cut out for them.