So far, SMS spam has been a specialty of Austria and Germany – however, it looks like the folks are now starting to hit the UK.

Dynamoo brings us the following text:

Hi, we think you may be entitled to compensation of up to £3500 from missold PPI on a credit card or loan.
Reply PPI for more info
Reply STOP to opt out

As of this writing, it is not known how they monetize the “victims”.

Hit the link above to find out how to report it to your carrier – of course, the delete key has also been invented.

Even though Adobe’s AIR and Flash products are compiled, it is relatively easy to decompile the results back to source code.

So far, embedding binary SWF files helped to some extent. This is now, however, over:

* New version is able to decompile SWF files embedded into a SWF file as binary data (nested SWF files)

Just in case anyone wants to know who the firm is:

Through the years, Flash Decompiler Trillix received numerous raving reviews and comments and multiple awards from software catalogues. Recently, Eltima Software released Flash Decompiler Trillix 5.3 for Mac with the ability to decompile nested SWF files, Adobe AIR applications, and with support for Adobe Flash Professional CS 6 and TLF texts. Since version 5.3 Flash Decompiler Trillix supports Mac OS X 10.8.

Not much to add here – consider Flash code to be as visible as JavaScript…

When looking at the recent flurry of media reports about apps stealing more or less “useless” data about random individuals, I sometimes wondered if we are looking at a redux of “internet addiction”. After all, the data of a random user sitting in a random country, well, you get the idea…

I have now found the following in my inbox. To save you the reading effort, it is from a company which offers me a list of Android users to spam at will:

Hi,

Greetings of the day, I was reviewing your website and thought might be interested in our Android Users database, by which you can expand your reach and widen your client base. We maintain 1.2 Million contacts with complete information.

We have an exclusive database of verified contacts by Industry, Job Titles and Geography…

Data Quality and Details:

Data Fields: Contact Name, Company name, Job Title, Website, Industry, SIC Code, Email address, Direct mail address, Telephone number, Revenue Size, Employee Size, etc.

Last date of data update: 24th Feb 2012

Acceptance rate: 100% permission based contacts

Usage License: Once you purchase the list you can use it for multiple times, no restrictions

Multi-Channel Marketing: The list can be used for Email Marketing, Direct Mail Marketing, Fax Marketing and Tele Marketing

Accuracy Guarantee: 90% accuracy on data

Legal Compliance: WE are in compliance with the CAN SPAM Act, 2003 and DMA

Please let me know your thoughts towards procuring or using our Android Users Email List.

To Your Success!

Urp Burp

Business Development Coordinator

Any other “innovative” ideas for snooped data, anyone?

The history of mobile malware started out on Palm OS. Attackers then moved on to Symbian, and now play around on Android and iOS.

At the Viennese DeepSec conference, the following slide was presented by McAfee:

[Image: McAfee on the growth of Android malware]

Not much to add here…

Mobile security has been a topic ever since this network was opened – so far, no really large breakout has taken place.

Canalys has now released the following press release – as always, highlighting was added by yours truly:

Canalys today announced its updated worldwide mobile security forecast, estimating an average investment growth of 44.2% per year, reaching $759.8 million by the end of 2011 and turning into a $3 billion market opportunity in 2015.[1]

According to Canalys figures, only 4% of smart phones and pads shipped in 2010 had some form of mobile security downloaded and installed, highlighting a low end-user awareness level and the relative infancy of the market. Mobile security uptake is anticipated to rise rapidly over the next four years, as enterprises conform more strictly to data protection and compliance practices, and consumers begin to understand the impending security threat to their personal data. Canalys forecasts that by 2015 over 20% of smart phones and pads will have mobile security software installed.

Not much to add here…

Two years ago, nobody cared about mobile malware. OK, there were a few small outbreaks – but nothing which made its owners money.

InformationWeek now reports the following:

More than 1 million cell phone users in China have been infected with a virus that automatically sends text messages, and the attack is costing users a combined 2 million yuan ($300,000 U.S.) per day.

According to Shanghai Daily, “the ‘zombie’ virus, hidden in a bogus antivirus application, can send the phone user’s SIM card information to hackers, who then remotely control the phone to send URL links.”

As this product relies purely on social engineering or idiocy, I would not consider it a virus – let’s see when this is combined with an exploit for maximum damage and automatic spreading…

Traditionally, mobile networks were relatively safe places. The low CPU power of mobile devices made using them for botnet attacks impractical – that is, until tethering and 3G dongles came along.

Mobile Business Briefing now reports the following:

Content delivery platform company Akamai said that “more than half of the observed mobile attack traffic” recorded by its servers originated from three countries: Italy (25 percent), Brazil (18 percent) and Chile (7.5 percent).

Given that mobile phones have not been used for botnets so far, the conclusion we can draw here is that many Italians use wireless broadband…

[Image: Cyber warfare: Styx virus targets Iranian nuclear systems]

A lot has been spoken and written about cyber warfare in the past – so far, we have not seen any actual cases.

This has now changed. TechPinger.com reports the following:

Security experts first learned of the new strain of software in June, but only disclosed its ability to infect major industrial systems in recent weeks. “This is cyber sabotage,” said Roel Schouwenberg, a senior researcher for the security firm Kaspersky Labs. “Stuxnet is designed to basically bring down a plant or take down operations.”

Given the bold passage above, it should be clear that there is some sort of governmental force behind it – let’s see when the Iranians retaliate.

Image: Wikimedia Commons / Sepehrnoush; scitexing by Tam Hanna

Apple has frequently removed applications from the store in the past. Amazon did so with an ebook and got an outcry…which is why Google originally planned to retain the kill switch in the Android OS for the absolute emergency.

Given that mobile phone security is becoming more and more of a topic, the situation has now arisen. A blog post by a Google engineer reads as follows:

Recently, we became aware of two free applications built by a security researcher for research purposes. These applications intentionally misrepresented their purpose in order to encourage user downloads, but they were not designed to be used maliciously, and did not have permission to access private data — or system resources beyond permission.INTERNET. As the applications were practically useless, most users uninstalled the applications shortly after downloading them.

After the researcher voluntarily removed these applications from Android Market, we decided, per the Android Market Terms of Service, to exercise our remote application removal feature on the remaining installed copies to complete the cleanup.

As of now, nothing is known about these applications. Let’s see whether they will show up at one of the security conferences – if not, we could have our first black-hat targeting Android…

Spam is an age-old topic. While most of us probably delete most spam messages on sight, there must be enough morons who actually read them or the whole game wouldn’t pay out for the spammers.

FlowTown.com have now created the image below:

[Image: How users perceive spam]

Unfortunately, their method of gathering the data was not disclosed…but it nevertheless makes for interesting reading!

Owners of Linux-based routers are in for a “reverse treat” – a botnet called Chuck Norris attacks these devices.

PCWorld reports the following:

Once installed in the router’s memory, the bot blocks remote communication ports and begins to scan the network for other vulnerable machines. It is controlled via IRC.

Because the Chuck Norris botnet lives in the router’s RAM, it can be removed with a restart.

So: change that default password, folks!

I guess that everybody who frequents the Tamoggemon Content Network is well aware that cell phone providers always know where your cell phone is. You lot probably also know that this data is often logged, and can theoretically be used for all kinds of data-mining processes.

So far, the common assumption was that cell phones will not be tracked without a court order. Unfortunately, this is untrue. CNet News reports the following:

In that case, the Obama administration has argued that warrantless tracking is permitted because Americans enjoy no “reasonable expectation of privacy” in their–or at least their cell phones’–whereabouts. U.S. Department of Justice lawyers say that “a customer’s Fourth Amendment rights are not violated when the phone company reveals to the government its own records” that show where a mobile device placed and received calls.

The message is short and sweet here: if your phone is on in the USA, the US government knows where you are. Do with that what you want to, and don’t hold us liable…

Austria has suffered from waves of unwanted premium SMS over the last two years or so – a recent Cisco report claims that the boys now have a new method:

Text message scams targeting users of handheld mobile devices, such as cell phones and smart phones, are becoming a common fraud tactic. At least two or three new campaigns have surfaced every week since the start of 2009. The spike in frequency can be attributed partly to the economic downturn, but it’s also the massive—and still growing—size of the mobile device audience that is making this new frontier for fraud irresistible to criminals.

The report goes on to claim that various kinds of social-engineering-based methods are used – a particularly devious one is outlined below:

Customers were contacted by either SMS or phone and asked to provide “verification details,” such as bank account numbers, to collect a grand prize. Victims were also asked to purchase scratch cards worth QR500 (approximately US$135) and provide those numbers as “security” when they collected their fictitious prize

Further information can be had in the PDF below – page thirteen, onwards:
http://cisco.com/web/about/security/intelligence/Cisco_2009_Midyear_Security_Report.PDF

CNET’s News team got their hands onto a recent Symantec report on the state of cyber-crime. The boys listened to “underground IRC channels”, and then analyzed the data.

Computer criminals have become more professional in the last year, creating underground economies where malware, bank accounts and services are bought and sold “freely”. If everything offered were sold (a highly unlikely scenario), sellers would net 270 million dollars in a single year.

The most scary part of the report is the following quote:

“The big picture is this system is highly self-sustaining. You can buy the attack tool kit, use it to steal information and sell that information to others in the economy,” Zulfikar Ramzan, technical director of Symantec Test and Response, said in an interview. “You don’t need to have expertise in every area of cybercrime. You can have expertise in just one area and with others, form a supply chain to make money.”

Of course, it’s always possible that Symantec is peddling fear here in a fashion similar to what F-Secure did with S60 virii – so take these results with a grain of salt.

© 2013 TamsPalm - the Palm OS / web OS Blog