Android and iOS users vulnerable to new attack

BoraMurdar

Aug 30, 2012
A new attack technique, known as DoubleDirect, enables an attacker to redirect a victim’s traffic to the attacker’s device. Once the victim is redirected, the hacker can gain access to the victim’s credentials and deliver malicious payloads to the victim’s mobile device that can not only quickly infect the device, but also spread throughout a corporate network.

Mobile security firm Zimperium has detected the attack against the customers of web giants including Google, Facebook, Live.com and Twitter, across 31 countries.

The DoubleDirect attack focuses on either iOS or Android users. It does not affect users running Windows or Linux because their operating systems don't accept ICMP redirection packets that carry malicious traffic.

Zimperium explains the attack as follows:

DoubleDirect uses ICMP Redirect packets to modify routing tables of a host. This is legitimately used by routers to notify the hosts on the network that a better route is available for a particular destination. However, an attacker can also use ICMP Redirect packets to alter the routing tables on the victim host, causing the traffic to flow via an arbitrary network path for a particular IP.

As a result, the attacker can launch a MitM attack, redirecting the victim’s traffic to his device. Once redirected, the attacker can compromise the mobile device by chaining the attack with an additional client-side vulnerability (e.g., a browser vulnerability), and in turn, provide an attacker with access to the corporate network.
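
The sanity checks a host or network sensor can apply to an incoming ICMP Redirect, as an added example that is not part of the original post or of Zimperium's write-up. It applies the two discard rules from RFC 1122 (sender must be the current first-hop router, new gateway must be on-link); the function names and all addresses are constructed for illustration.

```python
import ipaddress
import struct

ICMP_REDIRECT = 5  # ICMP type 5; the new gateway address sits in bytes 4..8

def icmp_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; returns 0 over a message whose checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_redirect(gateway: str, orig_src: str, orig_dst: str) -> bytes:
    """Constructed sample: ICMP Redirect (code 1, host) quoting a UDP datagram header."""
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                        ipaddress.IPv4Address(orig_src).packed,
                        ipaddress.IPv4Address(orig_dst).packed) + b"\x00" * 8
    body = ipaddress.IPv4Address(gateway).packed + inner
    csum = icmp_checksum(struct.pack("!BBH", ICMP_REDIRECT, 1, 0) + body)
    return struct.pack("!BBH", ICMP_REDIRECT, 1, csum) + body

def check_redirect(sender: str, icmp: bytes, router: str, subnet: str) -> list:
    """Return the reasons to discard a redirect; an empty list means it passes."""
    if len(icmp) < 36 or icmp[0] != ICMP_REDIRECT:
        return ["not a well-formed ICMP Redirect"]
    reasons = []
    if icmp_checksum(icmp) != 0:
        reasons.append("bad ICMP checksum")
    gateway = ipaddress.IPv4Address(icmp[4:8])
    dest = ipaddress.IPv4Address(icmp[24:28])  # destination in the quoted IP header
    if ipaddress.IPv4Address(sender) != ipaddress.IPv4Address(router):
        reasons.append(f"route change for {dest} sent by {sender}, not router {router}")
    if gateway not in ipaddress.ip_network(subnet):
        reasons.append(f"new gateway {gateway} for {dest} is off-link")
    return reasons

if __name__ == "__main__":
    # Constructed addresses: LAN 192.168.1.0/24, router .1, unexpected sender .66
    pkt = build_redirect("192.168.1.66", "192.168.1.20", "203.0.113.10")
    for reason in check_redirect("192.168.1.66", pkt, "192.168.1.1", "192.168.1.0/24"):
        print("DROP:", reason)
```

The IP source address of a redirect can be forged, so the sender check filters out careless traffic but is not proof of origin.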