[AI] Mobile botnets show their disruptive potential

Sanjay ilovecold at gmail.com
Thu Apr 15 02:01:05 EDT 2010

Mobile botnets show their disruptive potential
          Researchers demonstrate how a small number of infected phones
          could be used to attack a mobile network, making it impossible
          for most users to make calls or send texts

by MacGregor Campbell

DENIAL-of-services (DoS) attacks are a common tactic used by "black
hats" intent on bringing down a high-profile website, one owned by a
bank or political party, say. But what if these hackers now have
cellphone networks in their sights?

In a standard DoS attack, a network of infected PCs, a "botnet", would
swamp a server with so many requests to view a web page that it would
be unable to handle legitimate requests. Now Patrick Traynor of the
Georgia Institute of Technology in Atlanta and colleagues have shown
how a cellphone network could be the vehicle for an attack that would
cut off calls for millions of users.

Traynor and his team used software that simulates a cellular network's
Home Location Register (HLR) - a massive database that stores the
details of every SIM card an operator issues and would typically
contain details on up to 5 million subscribers. Traynor found that a
botnet of fewer than 12,000 infected cellphones could disrupt 93 per
cent of traffic - voice calls and SMS messages - to a hypothetical HLR
of 1 million subscribers. In a real-life attack the owners of infected
handsets would be unaware that their phone was part of a botnot.

"Phones have evolved so quickly - we've gone from just the ability to
make phone calls to many of the things that desktop computers can do,"
says Traynor. "As utility comes to this platform, we have to expect
that malicious behaviour is going to follow pretty quickly."

Indeed, the first phone botnet is believed to have been assembled
earlier this year after an SMS worm called "Sexy Space" cascaded
across cellphone networks. Users who clicked on a link in the message
had software installed on their handset that was capable of
communicating with a central server, making it possible for their
phone to be controlled remotely by a third party.
The first phone botnet was assembled earlier this year after an SMS
worm hit cellphone networks

"These threats are certainly feasible. Whether they will be
implemented by an attacker remains to be seen," says Zulfikar Ramzan
of network security company Symantec. Ramzan points out that while
smartphones are powerful, they are still not as attractive a target as
PCs, which can be hijacked to send large amounts of spam or host
malicious websites. He argues that while a mobile botnet might be used
to bring down part of a cellular network, it's not clear how
profitable such an attack would be.

More information about the AccessIndia mailing list