KUALA LUMPUR - Avoiding suspicious computer files and modified smartphone operating systems are ways Malaysians can minimise the risk of spyware, technology experts said amid claims that Putrajaya obtained software allowing it to gain control of individual devices.
Tech blogger Keith Rozario noted that Microsoft Word documents appear to have been used to spread the infection of the remote control system (RCS) spyware that the federal government purportedly bought from Italy-based company Hacking Team, based on information that was leaked recently.
“My feeling is that over time, companies like Adobe and Microsoft will fully patch their software to no longer be vulnerable, and anti-virus programmes will be updated to better detect RCS on your machine. The advice would be to stay calm and keep updating,” Rozario told Malay Mail Online.
“For RCS specifically, it appears that Hacking Team had no iOS exploits, and could only work on Android devices that were ‘rooted’.”
Jailbreaking and rooting are terms used to describe modifications to the operating systems of Apple and Android devices, respectively.
Both practices unlock capabilities that are either unintended by the manufacturer or not available as standard, but also introduce vulnerabilities that may not otherwise exist.
“So the best way to avoid being hacked would be to not use jailbroken or rooted devices, and keep all software downloads to the official app stores of the platform. Don’t open suspicious documents from strangers and keep your device updated with the latest OS and software,” he added.
RCS software allows Hacking Team’s clients to steal photographs and documents from one’s devices, as well as to record audio from Skype or phone calls, to copy text and WhatsApp chat messages, and even to turn on the location function on one’s phone.
An unidentified hacker, or group of hackers, recently leaked Hacking Team’s internal documents, source codes and email communications, revealing invoices that suggest the Prime Minister’s Office (PMO) and the Malaysian Anti-Corruption Commission (MACC) bought the RCS software from the online security vendor.
An excerpt of the invoice published in a report by CSO Online listed the PMO as an “Active” client as at March 31 this year, while MACC’s maintenance contract was listed as “Expired” as at January 31 last year.
Ryan Gallagher, a journalist from US news website The Intercept who specialises in government surveillance, told online podcast Reply All last week that the RCS software allows Hacking Team’s clients to steal photographs and documents from one’s devices, as well as to record audio from Skype or phone calls, to copy text and WhatsApp chat messages, and even to turn on the location function on one’s phone.
The Barisan Nasional (BN) government’s purported purchase of spyware is not new as Putrajaya was reported back in 2013 as using another surveillance software, known as FinSpy, that security researchers believed was more likely used against political targets than criminals.
Goh Su Gim, security advisor for the Asian branch of Finland-based computer security company F-Secure, said Hacking Team exploits vulnerabilities in Adobe Flash to infect devices without much user interaction, such as when users try to view malicious content on their unpatched Adobe Flash plugin on their browsers.
“On smartphones, these spyware could also masquerade itself in popular apps that are downloaded on to the phone from app stores,” Goh told Malay Mail Online, citing utility applications like a battery saver or a flashlight.
“The most reliable way to ensure there are no spyware running in your phone is to use the latest updated and reputable security software such as an anti-virus product that are able to detect them. F-Secure today protects our users from such spyware.
To prevent infection, a user should be wary about suspicious links that are sent to them through phishing techniques like email or instant messages, usually luring through the chance to win or get something for free.
The next best action to do is to get all operating system, browsers and plug-in patched against known exploits, he added. - Malay mail
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.