Teenager causes red-faces at Microsoft with Windows Phone 8 trojan
Malware poses as app and steals private data
A teenager is reported to have created prototype malware code for the Windows Phone 8 to steal private user data.
The Trojan, created by 16-year-old Shantanu Gawde, is said to work by posing as a legitimate app which can access a user's data once activated.
Fortunately for Microsoft and Windows Phone 8 users alike, Gawde is an 'ethical hacker' from India's National Security Database program.
Instead of putting it to nefarious uses, he will present the malware code at the upcoming International Malware Convention (MalCon) in New Delhi, India, on November 24.
It is not yet clear whether the malware is able to affect Windows Phone 8 handsets by targeting a specific weakspot in the system, or by duping careless users into installing something dodgy.
Nevertheless, it poses serious questions over the security of the Windows Phone 8 OS – particularly as it shares several similarities with its PC counterpart.
Oh Gawde
Microsoft has yet to see Gawde's findings and has therefore been unable to comment specifically on the nature of the risk.
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
However, Microsoft's Trustworthy Computing Director Dave Fornstrum has said the company would "investigate any issues disclose" in the MalCon talk and "take appropriate action to help protect [its] customers".
Although finding vulnerabilities could be potentially damaging to the Windows Phone image, it could also be seen as a blessing in disguise by allowing Microsoft to discover and amend such security issues before hackers have the chance to develop more advanced malware.
Stories of security breaches aren't exactly uncommon in the smartphone arena these days.
In September it was revealed Samsung users could have their handsets wiped by one simple line of 'killer code', which targeted the devices' TouchWiz systems and began an irreversible (and unstoppable) factory reset. The issue was later resolved through a software update.
Gawde has promised to share his findings with antivirus software companies at MalCon. Nevertheless, there will no doubt be many red faces at Redmond over these revelations, particularly given the tender age of the culprit.
Via The Register
The next Realme flagship phone could break the 8,000mAh battery barrier – more than 2x the iPhone 16 capacity
Thanks to this app, I’m a transformed man, or at least I will be eventually
World's largest PCIe Gen5 SSD gets tested and reaches almost 13GBps in sequential read; 60TB Micron 6550 Ion is super fast as it swaps QLC for TLC