With the advancements made by different security vendors it is seemingly becoming difficult for botnet masters to remain undetected. Reports suggest that operating systems such as the Windows 7 have become 7 times secure than older versions such as Windows XP. Hence the obvious move of a botnet was to another increasingly insecure platform – cellphones. Bots such as Zeus have already recently shown what they can do on BlackBerries. The Symbian operating system is losing its sheen. So, the next target is the Android phone.
To avoid detection, this proof-of-concept code utilizes the Short Messaging Service (SMS) as a command & control channel. This adds fault tolerance because, if a smartphone is not available on the GSM network due to being powered off or out of service range, when an SMS message arrives for delivery, the message is queued and delivered by the network! If only this feature existed in Zeus eh?
- Compile with arm-gcc with the -static flag set
- Copy to anywhere on the underlying OS that is writable (/data/ is good).
- Rename /dev/smd0/ to /dev/smd0real/
- Start the bot application
- Kill the radio application (ps | grep rild)
- The radio will automatically respawn and now the bot proxy will be working
Download the Android Botnet PoC (botPoCrelease-android.c) here.
LINK TO OUR HOME PAGE :