Cyber security experts have demonstrated the possibilities that attackers have for accessing the applications installed on their mobile devices and spying on their conversations or stealing confidential information.
This month the filtering case was reported to Brazilian Justice Minister Sergio Moro, in which third parties apparently accessed the employee's WhatsApp messages. The Intercept website leaked the messages in which Moro referred to the lawsuit against former President Lula da Silva. The episode generated a stir in Brazilian politics and also produced some unknowns about how texts were obtained. According to the site, the dialogues were sent by an anonymous source who never clarified how he got them.
However, experts have reiterated that it is not necessary to be a public figure to be a victim of cybercriminals. Your financial data is valuable and even the information stored on your device can be used for future extortion.
The cybersecurity company Kaaspersky Lab has published five common hacking tactics that could jeopardize the information on your mobile device.
The first option that seems the simplest, but at the same time is the most limited to the cybercriminals is the power have direct access directly to the victim's device in their hands. According to Fabio Assolini, a cybersecurity expert at Kaspersky, cybercriminals can use techniques to download a remote access or spy Trojan on both mobile and portable devices.
Last May, a vulnerability on the WhatsApp messaging platform caused panic among users of the application and prompted the company to ask its users to update it as soon as possible.
A group of hackers encountered a security flaw in WhatsApp and used it to install spyware. According to Kaspersky, in this case, it was possible to exploit a critical vulnerability with Remote Code Execution (RCE), that is, from another device, the malware installation is obtained, which allows for espionage activities.
Unknown failures are used against specific goals, but can also be a gateway to put at risk. Cybercriminals are constantly searching for vulnerabilities in any device to attack. Some Brazilian media reported on the probability of this technique in relation to attacks against members of the Federal Public Ministry.
Cloning the SIM
When obtaining personal information from a victim, it is possible for someone to copy the SIM card and use the same number on another phone. In fact, an investigation by Kaspersky Lab revealed that in Brazil alone, an organized group could clone SIM cards of 5,000 people, including politicians, ministers, governors, celebrities and high-profile entrepreneurs.
Cybercriminals may request the replacement of the SIM to activate the phone number using personal data found through social engineering techniques, data filtering or phishing cases.
By doing the SIM swap, as this technique is called, the cybercriminal could perform the cloning of applications like WhatsApp. This is achieved, explains Kaspersky, because many applications have a two-step verification method, where the second factor is an SMS or a call made to a mobile phone. When transferring the number to another SIM, the attacker can gain access to this verification step.
The SS7 protocol is an older system that is used in most of the world's telephone networks and through which elements of a telephone network exchange information. However, SS7 incorporates several vulnerabilities that make it possible for a cybercriminals to ensure that call routing goes through a specific location, and so user movements are tracked. Attackers can also make the phone network believe that their phone has the same number as the victim's number to receive application verification codes like WhatsApp via text messages.
According to Kaspersky, this technique was initially used by spy agencies and in cases of attacks on bank fraud in Europe. One of the most notorious episodes was the case of espionage for the former president of Brazil Dilma Roussef in 2014.
One of the most commonly used alternatives for cybercriminals is the installation of malware on a user's mobile device. Some of these malicious codes allow you to take screenshots and even make videos of your interactions. More sophisticated ones allow cybercriminals to perform remote monitoring to spy on them. In order to install malware, attackers send fake links or attachments in emails. Fraudulent applications, which request permissions like camera access, are also another of the most commonly used paths.