Mozilla addresses teenager's purported mobile Firefox OS malware

Share this article:
The 17-year-old researcher told Mozilla that he will not reveal any of his technical secrets.
The 17-year-old researcher told Mozilla that he will not reveal any of his technical secrets.

Shantanu Gawde, a 17-year-old independent security researcher, is the first person to infect the mobile Firefox OS with malware, but he will not reveal any of his technical secrets until after he presents them at the Ground Zero Summit in India early next month.

At the four-day information security event in New Dehli, Gawde will show how his malware will allow him to give commands to remotely access the phone's SD card, remotely transfer all contacts, track users' geographic location, control radio functions, and upload and download pictures, music and videos.

“We are aware of plans to demonstrate a purported malware app able to perform malicious tasks on the Firefox OS phone,” Andreas Gal, Mozilla vice president of mobile, said in a Friday email to SCMagazine.com.

The mobile Firefox OS developers reached out to Gawde, but when it comes down to the technical details, the teenage researcher told Mozilla that – as per the rules of the conference – his lips will remain sealed for now.

However, this has not stopped the mobile experts with Mozilla from theorizing what Gawde plans to reveal during his presentation.

“Such attacks usually rely on developer mode functionality, which is common to most smartphones, but disabled by default,” Gal said. “In addition, we believe this demonstration requires the phone to be physically connected to a computer controlled by the attacker, and unlocked by the attacker.”

Only time will tell if this is what the young researcher will demonstrate, but it may not be the case, since Gawde said that the threat is particularly serious because there is no way of detecting or stopping the attack.

Not wanting to speculate without the full picture, a Mozilla spokesperson told SCMagazine.com on Friday that the company would speak more openly about Gawde's malware following the reveal.

Mozilla's mobile operating system is fairly new. The ZTE Open is the first smartphone to be shipped out containing the Firefox OS, which is a Linux-based open-source operating system featuring HTML5-based applications.

Share this article:
close

Next Article in News

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.