A group of researchers has demonstrated the vulnerability of smartphone platforms by tricking 8000 users into creating a botnet by disguising the install file in a superficially harmless meteorological app.
Tipping Points Digital Vaccine Group instigated the test in order to use the results at a data security conference held last week.
The firm exploited the trusting nature of smartphone users to spread its WeatherFist app, which then harvested data including phone numbers and GPS locations from the infected phones.
Although no official app store accepted the application for sale, it still managed to find its way onto thousands of Android smartphones and iPhone mobiles, with independent app markets acting as the proliferators.
The company behind the weather app said that although the version it spread was relatively harmless, a more potent version that could be used for spamming and identity theft was also easily transmittable using the same techniques.
It has been pointed out by other security firms that although the demonstration was useful to an extent, there are already examples of similar scams used by real hackers which have impacted smartphone owners.
Was this article helpful?