A report by Malaysian daily The Star on Sunday said that the country logged 24 cases of electronic hacking involving RM3.3 million in losses. The hacking of smartphones took place between January and September 2012.
The reports highlights the vulnerability of smartphones to cyber hacking and other malicious threats through the mobile phones' short messaging service (SMS) which is celebrating 20 years of use on Dec 3, Monday.
The losses, which amount to millions of dollars from malware and toll fraud attacks on smartphones, stem from illegal access of applications from unofficial sources than trusted ones such Apple or Google.
There are several kinds of hacker known and they are not limited to phone hacking. Computers, tablets, phablets and notebooks are also vulnerable to hacking, which has become a relatively easy task, according to this YouTube posting.
Classifications of Hackers
In the underground of hacking, hackers are classified depending on their skills, knowledge, and capabilities.
- White Hat - Breaks security without malicious reasons to test their personal skills or work with a company that needs intensive security assurance.
- Black Hat or Cracker - Violates computer security with malicious intent for personal gain, destruction of data, and to make network unstable. This hacker type takes time and patience in doing their illegal work.
- Grey Hat - Hacks system to notify administrators that it is vulnerable and offers repair service for a fee.
- Blue Hat - Tests system for bugs prior to launch.
- Neophyte - Newly turned hackers with full understanding of how computers, networks, and programs work. Usually, this is the starting stage for future classification to other hats.
- Script Kiddies or Skiddie - Breaks computer systems using automate tools with no understanding or care of how they work.
- Hacktivist - Regardless of classification, the hacktivist uses technology vulnerabilities to announce his social, ideological, religious or political message.
- Elite Hacker - Considered the most skilled hacker, regardless of classification. Newly discovered exploits will circulate within this group.
Methods of Phone Hacking
1. Caller ID Spoofing: A system which masks the caller from its recipient by displaying a different phone number on the caller ID. Similar to e-mail spoofing which uses different e-mail address as a mask.
2. Location Eavesdropping: Commonly used in social medias like Facebook and Foursquare which allows location check-ins. Hackers may target checked in locations and eavesdrop the conversations. In a worst case scenario, a hacker may work with burglars after confirmation that the target is not home and the house is vacant.
3. SMS Spoofing: New hacking technology to mobile technology which allows the sender to replace his/her mobile number with alphanumeric text. SMS spoofing have legitimate uses but can cause great damage to the recipient.
a. The recipient of the SMS spoofing my incur termination charges as if received from a foreign network
b. The SMS spoofing may use a real subscriber's number incurring sending charges as if they were in a foreign country
c. Recipients may complain about spamming and possibly deflects sending of messages unless repaired
4. Malicious Software: Still being used by hackers as a technique to break security and cause multiple illegal functions such as intercepting calls or sending information (SMS, emails and passwords) and then transmitting it to another device. Having security software installed increases protection to user's private information stored in the smartphone.
5. Identity Stealing: Apps are very popular in smartphones and users may have tens to thousands of this installed. Fake apps give hackers the opportunity to access and steal all sorts of information about the phone, messages and data. Security programs are highly encouraged to prevent malwares and apps but should only be downloaded from trusted sources.
6. Pretexting or Blagging: Act of creating invented scenario such impersonation to engage targeted victim to divulge information or perform actions unlikely to happen in ordinary circumstances. Data that can be divulged includes addresses, phone bills, bank statements and health records.
7. Wireless Hijack: Wireless devices are great ways for transferring data files and can also be used for hacking. Wi-Fi and Bluetooth are vulnerable to hacking which can expose personal information of the target.
8. Cloning: Phone cloning allows hackers to receive calls and messages of the original device once turned-off. It requires special kits and techniques; it is not easy but can be done.
9. FlexiSpy and Phone Tapping: Normally, landlines are hacked by physical connection through terminal boxes and cables. However, more modern methods use a software called FlexiSpy to eavesdrop messages and voice calls to a Web site which allows access to stored data. Although banned in some networks, it has been used by parents to monitor their kids' calls.
10. Mobile Phone Tap: Various software allow remote listening to all phone conversations which are picked up through broadcast signals. Hackers may find these software difficult to obtain but it definitely exist.
Mobile Phone Pinging: Pinging a cell phone traces what cell tower the device is in. It is used by an agency by triangulating the approximate location of the mobile phone. It is not open for public use but hackers can tap into it and GPS makes it more dangerous for it can be used to trace a mobile phone even the device is turned off.