You are here: Home > Business & Finance > Stocks > Article
Home
Business & Finance
Markets
Deals
Small Business
Green Business
Industries
Industry Summits
Stocks
Advanced Stock Search
Overview
Option Quote
Chart
Officers and Directors
Key Developments
Company News
Press Releases
Financial Highlights
Ratios
Financial Statements
Performance
Insider Trading
Institutional Holders
Estimates
Recommendations
Analyst Research
Funds
ETFs
Currencies
Commodities
Options
Economy
Bonds
Analyst Research
Portfolio
News
Do More With Reuters
RSSRSS Feed
Widgets
Mobile
Podcasts
Newsletters
Your View
Partner Services
CareerBuilder
Affiliate Network
Professional Products
Support (Customer Zone)
Reuters Media
Financial Products
About Thomson Reuters

Mobile phones seen to face hack threat

Mon Jun 1, 2009 8:18am EDT
 
[-] Text [+]

By Tarmo Virki, European technology correspondent

HELSINKI (Reuters) - Accessing your bank account over the phone might seem safe, but security experts say would-be hackers can access confidential information via a simple text message seemingly from your service provider.

People in the industry aware of the risk see it as extremely small as only a few people use handsets to access their bank accounts, but it is growing as mobile Internet usage rises.

In April, the flaw -- which enables criminals to access a mobile data connection, steal data or install or remove programmes -- gained wider attention at the BlackHat Europe security conference.

"The hacker does not have to be especially skilled to do this," said Jukka Tuomi, chief technology officer at Finnish software firm ErAce Security Solutions.

ErAce said that in some phones using Microsoft's Windows software users cannot block the attack, while Symbian phone users can block the malicious message.

However, in practice, most users accept an installation of new settings if they seem to be from an operator.

So far, security problems on mobiles have been mostly limited to small outbreaks as operators have been able to screen the data traffic, but the new risk could be out of their reach in many countries where screening text messages is not allowed.

Consumers' increasing fears over computer viruses' ability to attack mobiles can put at risk the takeup of new mobile services, which are crucial for operators looking for growth in mature markets, where call prices are falling.

A REAL RISK

Also, installing security software on the phone is not always enough as on some models criminals can swipe the programme from the phone.

"People think they are closing their door, but the windows and the backdoor are open," ErAce's Tuomi said.

When trying to enter a bank website on a mobile browser from an infected phone, the message on the phone says: "Opening a secure connection. Content cannot be seen by anyone else." In fact, the connection goes through criminals' servers.

"This is a real risk, but we have not seen this used in any real attacks in the field," said Mikko Hypponen, research director at Finnish security software firm F-Secure.

Jacob Greenblatt from security software firm Discretix said: "While this is definitely serious, there are certain safeguards which can be built into mobile devices to eliminate the threat entirely or to limit its potential for harm."

Even if new phones are protected, this would still leave billions of phones on the market which are not shielded. (Reporting by Tarmo Virki)

 

Featured Broker sponsored link