The word viruses might not sound new to you, neither will the word malware sound foreign. If you’ve been existing on the planet ever since smartphones became a thing you must have known that these two words don’t sound pretty at all. They are your smartphone’s worst enemies.
Malware programs meaning malicious software programs can show up in different forms, such as adware which will cluster your smartphone with ads that you didn’t bargain for, bots which will work like an army of robots deployed to cause havoc inside your phone, Trojan horses, Viruses, and worms. No matter the forms they show up in, they are bound to make using your phone a terrible experience for you.
In this post I want to bring to your notice the two deadliest malwares that are going to be a threat to smartphones this year. I will also use one or two final paragraphs to show you how to avoid getting infected.
You might have experienced the malware that will come into your phone and all they do is slow down your phone, make your phone press itself or even log on play store, download an app, install the app and start using it. There are so many funny characters to different malware but this two are way more than that.
Imagine this scenario; imagine you are talking with your closest friend and he is sitting just in front of you. You kept your phone in front of you and the both of you were discussing something very important that you wouldn’t want a third ear to hear. If your phone has been infected with any of this two malware, and no recording device lying around anywhere, your network is off. Your phone can still record your conversation, take your pictures and send to a third party.
You will be asking, how possible? That’s insane wizardry, right?
The mishap that might cost you so many things, even your life can be possible if your phone has been infected with “dolphin Attack” or “ghost control.”
These two malware programs can grab the opportunities presented by the idleness of your smartphone. It will make use of the microphone, camera, internet, and keypad even when your smartphone is in offline mode.
Hackers can make dolphin attack possible by using your smartphone’s digital assistant like SIRI and Google assistant. According to thehackernews, the technique works by feeding the AI assistant commands in ultrasonic frequencies, which are too high for human ears to pick up but are perfectly audible to the microphone on your smart device. With this, hackers can silently whisper commands into your smartphone’s ears(microphone) to command SIRI, Alexa or Google assistant, forcing them to open malicious websites and even your car, doors and control other smart IOT stuff connected to your phone.
You can’t hear the ultrasonic sounds used by the hackers to hijack your phone because, according to research, your ear can only hear 20kHz while the microphone on your device detects signals above 20kHz frequency.
With dolphin attack, the hacker can show off some hackery on your smartphone which includes;
Spying, Visiting malicious websites, Injecting fake information (send fake text or emails),
How to prevent attack?
The best solution so far to this attack lies on the shoulders of smartphone manufacturers who have been advised to program their phones to ignore ultrasonic sounds coming with above 20kHz frequency.
On your part, the only thing you can do is to turn off your digital assistant whenever you feel you are vulnerable or at high risk to be targeted, pending when you get an official patch on your phone.
Ghost control –
That leaves us with the second malware, the ghost control. According to a research by analysis.net, about 2.5 million smartphones are under ghost control in Europe and America. It does the same thing Dolphin attack will do by taking control of your smartphone’s camera and microphone.
It will most times take selfie shots and shot videos without your notice and forward it to the hacker who is behind the attack. That will be a lot of privacy being left out on the bare internet space.
Ghost control is a RAT (remote access Trojan). It hijacks your device functionality, steals information and can be used to perform ransomware attacks where the hackers lock your device up, holding it hostage and requesting a ransom in form of bitcoin payment before they can open it up again.
On a smartphone, the malware masquerades itself as a legitimate or popular app, when you download. Its base64-decodes a string from the resource file and writes it down. This string written down is the malicious Android Application package.
After installation, the wrapper APK will launch a service that will let the main malicious APK run in the background and cause havoc to your smartphone.
To prevent this one is quite easier than Dolphin, just be mindful of the type of apps you download and where you download them from.