BackStab Attack Takes Indirect Route To Mobile Data

  /     /     /  
Publicated : 22/11/2024   Category : security


BackStab Attack Takes Indirect Route To Mobile Data


Attack technique takes advantage of weak protections around mobile users backup files.



While there are plenty of mobile device vulnerabilities just waiting for bad guys to pick up on, some of the lowest hanging fruit for mobile-oriented attackers isnt on the device itself. Instead, the softest target comes in the form of insecure back-ups stored on a traditional desktop or laptop.
Palo Alto Networks Unit 42 research team calls the technique BackStab. In a
report out today
by researchers with the team, they explain that this indirect route can nab attackers text messages, photos, geo-location data and just about anything else thats been stored on a mobile device.
While the technique is well-known, few are aware of the fact that malicious attackers and data collectors have been using malware to execute BackStab in attacks around the world for years, writes report author Claud Xiao. iOS devices have been the primary target, as default backup settings in iTunes® have left many user backups unencrypted and easily identified, but other mobile platforms are also at risk.
According to the report, Unit 42 has found over 700 recent flavors of Trojans, adware and other hacking tools designed to target Windows and Mac systems containing user data from backup files from iOS and BlackBerry devices.  Several of the malware families discovered by the researchers have been around for at least five years. They explain that there are tons of public articles and video tutorials detailing how to carry out a BackStab attack. And unlike a lot of mobile device attacks, the attack doesnt require for a targeted user to have a jailbroken device.
In the case of iOS attacks, often BackStab is made possible due to default settings on iTunes that dont encrypt backed up data.
The report today detailed some of the most common tools that employ BackStab, including a dropped portable executable file often used in concert with the DarkComet remote access Trojan called USBStler. Interestingly, they also showed how RelevantKnowledge, a tool developed by Internet research firm comScore, leans on BackStab techniques to spy on consumers.
We found that many RelevantKnowledge samples contain code to collect users’ iPhone and BlackBerry data through these mobile devices’ backup archives, Xiao wrote. During their execution, these samples will search for files under the Windows iTunes backup directory, collect information, compress it into a file and upload it to (comScores) web server. 

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
BackStab Attack Takes Indirect Route To Mobile Data