Itt is now possible for mobile phone hackers to bypass the
security system of the S60 3rd Edition phones with a mobile
application based on Symbian OS v. 9. The S60 3rd Edition is the
market-leading open operating system for mobile phones.
The newly developed hack is a so-called privilege escalation
hack. This means that hackers can get unauthorized access to the
phone's file system, which is normally protected. With this access
system modifications can be made. The new hack "makes modding an S60 phone as easy as jailbreaking an iPhone," says the F-Secure blog.
Hacks directed towards the S60 3rd Edition have been evolving
for some time. What makes this case different is that the new hack
can be carried out without external devices or system knowledge by
installing just one mobile application that is downloadable from
the web.
Because the application can be considered as a hacking
application, it is classified by F-Secure as riskware. F-Secure
Mobile Security software identifies this application and removes
it.
Commenting on the vulnerability, Jarno Niemelä, Senior Mobile
Virus Researcher at F-Secure, said, "The application needs to be
installed by the user, so this hacking tool is not a threat to the
average mobile user. Because the application lets a user access the
file system, we consider this as a security risk. Mobile virus
source code could be updated to work on 3rd Edition phones and with
the addition of this privilege escalation, hackers could do pretty
much the same things as they do on 2nd Edition phones."
More information about the S60 3rd edition vulnerability at the
F-Secure weblog:
http://www.f-secure.com/weblog/archives/00001451.html
F-Secure Mobile Security solution enables smartphone users to
enjoy the full potential of their devices without the fear of
mobile threats. The application combines real-time antivirus and
antispyware functionality with a firewall, ensuring complete
protection in today's connected lives.