New Man-in-the-Middle Attack Targets Smartphones

DoubleDirect technique can compromise both Android and iPhone systems.

A new man-in-the-middle attack is reportedly allowing attackers to steal credentials and deliver malware to smartphone systems. The DoubleDirect technique works on mobile phones and tablets running either Android or iOS. The technique is described in a blog post by the mobile security firm Zimperium. The post states that DoubleDirect lets the attacker redirect services from Google, Facebook, Twitter, Hotmail, Live.com, and other sites, and attacks have been documented in 31 countries.
Zimperium says the attack employs the ICMP Redirect feature routers use to notify mobile hosts that a better route is available. According to the blog post, “… an attacker can also use ICMP Redirect packets to alter the routing tables on the victim host, causing the traffic to flow via an arbitrary network path for a particular IP. As a result, the attacker can launch a MITM attack, redirecting the victim’s traffic to his device.”
The blog post includes a link to a tool that Zimperium has developed to look for the presence of DoubleDirect.
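
To make the ICMP Redirect mechanism concrete from the defender's side, here is an added example (not part of the original article and not Zimperium's tool) that parses a Redirect message per RFC 792 and applies the RFC 1122 acceptance checks to it. The function names, the sample network and all addresses are assumptions constructed for the illustration.

```python
import ipaddress
import struct

def parse_icmp_redirect(packet: bytes):
    """Return the fields of an ICMP Redirect in a raw IPv4 packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    # Need ICMP (protocol 1) plus 8 bytes of ICMP header and an embedded IP header.
    if ihl < 20 or packet[9] != 1 or len(packet) < ihl + 8 + 20:
        return None
    icmp = packet[ihl:]
    if icmp[0] != 5:  # type 5 = Redirect (RFC 792)
        return None
    ip = lambda b: str(ipaddress.IPv4Address(b))
    return {
        "sender": ip(packet[12:16]),    # host that sent the redirect
        "code": icmp[1],
        "new_gateway": ip(icmp[4:8]),   # router the host is told to use
        "target": ip(icmp[24:28]),      # destination in the embedded original header
    }

def redirect_findings(r, default_gateway, local_net):
    """RFC 1122 acceptance checks: list the reasons to discard this redirect."""
    findings = []
    if r["sender"] != default_gateway:
        findings.append("sender is not the current first-hop gateway")
    if ipaddress.ip_address(r["new_gateway"]) not in ipaddress.ip_network(local_net):
        findings.append("new gateway is off-link")
    return findings

def build_sample(sender, receiver, new_gw, target, proto=1):
    """Constructed in-memory sample (checksums left zero); addresses are made up."""
    a = lambda s: ipaddress.IPv4Address(s).packed
    hdr = lambda length, p, src, dst: struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, length, 0, 0, 64, p, 0, a(src), a(dst))
    icmp = struct.pack("!BBH4s", 5, 1, 0, a(new_gw)) + hdr(28, 17, receiver, target) + bytes(8)
    return hdr(20 + len(icmp), proto, sender, receiver) + icmp

if __name__ == "__main__":
    GATEWAY, LAN = "192.168.1.1", "192.168.1.0/24"  # assumed network for the demo
    samples = [build_sample("192.168.1.1", "192.168.1.50", "192.168.1.254", "203.0.113.10"),
               build_sample("192.168.1.66", "192.168.1.50", "192.168.1.66", "203.0.113.10")]
    for pkt in samples:
        r = parse_icmp_redirect(pkt)
        print(r["sender"], "->", r["new_gateway"], "for", r["target"],
              redirect_findings(r, GATEWAY, LAN) or "passes checks")
```

A source address can be forged, so an empty findings list does not make a redirect trustworthy; hosts that never need redirects can ignore them entirely (on Linux, `net.ipv4.conf.all.accept_redirects=0`).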

11/25/2014
