The undoubted success of very powerful and pervasively IP enabled cellular phones raises the obvious question whether the cellular world will also enter a severe security crisis like the PC itself. Moreover, this serious question is amplified through the use of new Open and even Web-OS oriented phone platforms. Considering the most dangerous security threat which might be given in the form of cellular botnets, a very recent paper measured already the potential impact of such a hypothetical botnet. While this theoretical work of Traynor et al pointed out some intrinsic challenges of a cellular botnet, they emphasized the significant threats of such botnets for the core network. Unfortunately, this paper shows that this new attack vector is quite real. Indeed, we describe a cellular botnet and our solutions to the cellular challenges. In addition to that we also sketch and evaluate our real implementation on the world's most popular smart phone - the iPhone. Our devastating results, clearly ring an alarm for urgent cellular phone protection mechanisms.
展开▼
