Hello Linux Geeksters. The first Malware application for Firefox OS has been created by a 17 year old Security Researcher and will be demonstrated at the Information Security Summit – The Ground Zero (G0S) 2013, which will happen between7th – 10th November, this year.
Among others, the malware app is capable of accessing the SD card, transfer contacts remotely, track the user’s location, upload and download content to and from servers and control the FM radio.
But Mozilla’s mobile operating system is different from the others. It contains two types of apps, packed, which are some zip archives providing all the assets: HTML, CSS, JAvaScript and the other components, and hosted, which are just websites installed locally. The developer exploited the Web API in order to hack the device.
This is how the Mozilla developers commented this problem:
“We are aware of plans to demonstrate a malware app able to perform malicious tasks on the Firefox OS phone. Such attacks usually rely on developer mode functionality, which is common to most Smartphones but disabled by default. In addition, we believe this demonstration requires the phone to be physically connected to a computer controlled by the attacker, and unlocked by the user.”
For those who don’t know yet, Firefox OS is a new mobile operating system, based on Linux and developed by the Mozilla developers. Until now, it has been released with low entry phones developed by LG, Alcatel, ZTE and Geek. Despite the fact there aren’t any plans for porting Firefox OS to tablets yet, it has been demoed on a Nexus 7.