The phone infection process has nothing unusual compared to the scheme that is already known for Android-based devices. A malicious APK file gets into the phone under the guise of the game called ‘Sex Xonix’, which supposedly gives you an opportunity to look at some naked women. Obviously, there is no way of stumbling upon such ‘treasure’ on Android Market. So it dwells on all sorts of second-class websites with questionable content, which attracts those who ‘like it hot’.
Today we are going to talk about one of the types of malicious instructions exploiting remote software vulnerabilities, particularly memory vulnerabilities. Historically, such sets of instructions are called shell codes. Previously such attacks used to grant access to shell, and somehow it became the custom. Typical memory vulnerabilities exploited by shell codes are, first of all, buffer overrun, stock variables and other structures overrun.
A small optimized kit of ARM chip commands is perfect for mobile devices. Thanks to lower power consumption, it is very popular today for being used in smartphones and tablets. However, recently there has been a lot of talk about the ARM chips being introduced into the area entirely occupied by Intel — the servers.
One of the best-known and most aggressive members of this family is, undoubtedly, Adware.Webalta.2 (according to Dr.Web’s classification). This piece of work is intended for viral advertising of webalta.ru, a Russian search engine, (we are happy to learn that, by now, this resource has fallen into decay and refuses to find whatsoever :))
Nowadays, top Android devices have the same capacity as the five-seven year-old laptops, which were quite suitable for code writing. But due to some peculiarities of modern gadgets, it’s rather hard to do this sacred work on them. However, hard doesn’t mean impossible.
The high fidelity positioning, data density and such other intricacies characteristic of modern HDD can be the subject matter for a great many articles, but we are not going to explore the disk mechanics or process physics profoundly, let’s focus on the most interesting component for us — electronics, instead.
In fact, the iCloud is not a single service but general marketing name for a number of cloud-based services from Apple. These include the syncing of settings, documents and photos, Find My Phone to locate lost or stolen devices, iCloud Backup to backup your data to the cloud, and now it’s also iCloud Keychain for secure syncing of passwords and credit card numbers between iOS- and OS X-based devices.
