Forensic Analysis of MERS Smishing Hacking Attacks and Prevention
暂无分享,去创建一个
In June 2015, Smishing text and malicious code designed to take advantage of the confusion caused by the Middle East Respiratory Syndrome(MERS-coV) appeared. The Korea Internet & Security Agency(KISA), says recent MERS-related information is used for Smishing text messages with the malicious code disguised as a document being circulated via e-mail attachments. Because the infection following attached e-mails intends to remotely control the system of the infected PC, there is a possibility to cause that further damage may result. This study aims to analyze the Smishing text and malware contents, and the form of hacking attacks taking used to take advantage of the confusion caused by MERS. Smishing is based on text messages. The principle of damage resulting from smishing incidents is described below. A hacker sends messages in SMS(Short Message Service) to a targeted user. As soon as the targeted user clicks the attached link, it causes the application with malicious code to be downloaded. The hacker distributes malicious code like Trojan horse to targeted user"s smartphone while the user is not aware of it. The hacker then acquires text messages, reception alarm, camera, phone numbers, financial information, and personal information in the smartphone through the malicious code or malicious application, while controlling the functions of the smartphone. The hacker masquerades as the targeted user to use user"s personal information to cause financial damages through banking approval. A smishing attack for inducing installation and execution of a malicious application(masquerading APP Store) through SMS. Victims of the attack are installed with the malicious application "APP Store". The victims are displayed with a message "Error: installation fails. Because the file is corrupt, you cannot use it. Check it in the homepage". When the victims click the link connected with the URL, the message that asks deletion of the application is displayed. In this case, although any one of Ok and Cancel is pressed, the malicious function is executed. The text message sent to the victims is then sent to the hacker to conduct hacking (3).
[1] Dea-Woo Park. Analysis of Mobile Smishing Hacking Trends and Security Measures , 2015 .
[2] 박대우,et al. A Study of Intrusion Security Research and Smishing Hacking Attack on a Smartphone , 2013 .
[3] 박대우,et al. 압수 수색된 안드로이드와 윈도우모바일 스마트폰의 포렌식 증거 자료 , 2013 .
[4] Nasir D. Memon,et al. Digital Forensics , 2009, IEEE Secur. Priv..