Mobile Phone Malware and Spyware Analysis

Detection of Spyware, Interception, and SS7 Cellular Attacks

WHAT IS SPYWARE AND HOW DOES IT AFFECT YOUR PRIVACY?

Spyware is a piece of software that allows an attacker to access all kinds of data from your device. It is installed in a variety of ways, such as an infected image or file that is sent to the device via Bluetooth, Email or Message, or by an infected link that is sent via SMS.

The Spyware would allow your camera and microphone to be remotely activated, your phone calls be listened to and intercepted, your text messages be read, your passwords to be viewable, and your location tracked, just to name a few. NSI consulted with Ross Coulthard of 60 Minutes on an investigation into mobile phone’s being compromised (you can read this here).

If you suspect that your mobile phone is being used to track you or listen to your conversations or read your SMS or emails, we can help.

Using the latest law enforcement grade equipment we can conduct a Mobile Phone Malware and Spyware Analysis that may be installed on your device. Using a mobile phone as a tracking or eavesdropping device is a breach of the Surveillance Devices Act 2007.

What is an SS7 Cellular Attack?

Signaling System 7 (SS7) is a cellular protocol used worldwide that interconnects mobile phone operators. Through the use of an IMSI Catcher or Stingray device, which are rogue or fake cellular towers, a mobile phone is able to be covertly intercepted over the air by exploiting the baseband processor on the mobile phone. When an IMSI Catcher/rogue cell tower is in operation, mobile phones within the vicinity of the rogue tower connect to it and the IMSI Catcher then does a handoff to the legitimate tower(s).

Prior to the handoff, a silent SMS or Paging Request is made which allows your device to be fully controlled, without leaving a trace on your device.

How can NSI help?

NSI utilise military specification forensic equipment. Using this equipment, we analyse the mobile phone to determine if Spyware is currently active or deleted from the device. We are also able to analyse the SIM card to determine if there are any interception attempts.

If Spyware is found, or evidence of an interception attempt is found, we are able to present you with a report which can be presented in all courts and tribunals. We do this by making an image or clone of the mobile phone or electronic device and then analyse the data. We do not modify the data in any way.

Some of the things that can be done to a phone or device that has spyware on it are:
  • View your location
  • Read SMS text messages and emails
  • Listen to phone calls
  • Read your passwords
  • View the websites you have visited
  • Gain access to documents

If you believe that your privacy has been breached by one or more of the above, contact our friendly team and let us help you get your privacy back.

Contact