CrowdStrike CEO to reveal 'major mobile vulnerability' at RSA

A significant vulnerability affecting all versions of the Webkit mobile browser could give malware complete control of your phone. The malware could listen in on your conversations, view through your camera and record everything in your email and messages. It can also track your locations at the time. George Kurtz, CEO of the new security company CrowdStrike, has told CSO he'll demonstrate how the vulnerability works at a presentation at RSA Wednesday.

According to Kurtz, the new vulnerability affects all Android, iOS and newer BlackBerry devices. It does not affect devices running Microsoft Windows Phone 7. Kurtz said this means virtually every smartphone and tablet in use globally shares this vulnerability. Worse, security software currently available for mobile devices won't detect such malware and won't protect against it.

Kurtz is perhaps best known for his revelations regarding the Chinese Shady Rat operation that compromised US government and defense contractors in 2011. Kurtz discovered the Chinese cyber attacks on the US while he was CTO at McAfee. He left that company after the Intel acquisition.

In his interview with CSO, Kurtz said that he compares the use of malware to the use of a gun. If someone is shooting at you, it makes more sense to take out the shooter rather than to stop the bullets, especially since the shooter can change the type of bullets he's using at any time. He said that users of malware can do the same thing and change the method of attack at any time.

Kurtz added that mobile devices are the next battlefield. "One of the things we talk about is the nation-state activity," Kurtz said. "We believe that this scenario is happening today. It's happening on mobile devices."

Kurtz said his company has been able to repurpose Chinese malware so it can take advantage of the Webkit vulnerability and take control of any mobile device. He said he's been able to control the camera and microphone on a mobile device, read email and text messages, and use the device to record what's happening around it. "It's the ultimate spy tool," he said.

Kurtz said the malware can be distributed by simply getting a user to click on a link that takes them to an infected website. Simply visiting the site would infect the device, and allow the remote operator of the malware to send data to a site anywhere in the world. "SMS messages could be a potential point of infection," Kurtz said.

For now, until the vulnerability is fixed, there's little anyone can do to prevent infection by the malware he describes, except to know not to click on links. In addition, he said it's important to make sure that software on mobile devices is kept updated, something that's not always possible on Android devices because of the fragmented update situation in the Android world.

Until security managers know that the mobile devices in their organizations have been updated, he said the best they can do is train users not to open links, and to be aware of what's installed on the devices. He also suggested disabling Android's ability to load applications from anywhere.

Kurtz will be present his findings Wednesday, at 10:40 a.m.

Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.

Join the CSO newsletter!

Error: Please check your email address.

More about BlackBerryIntelMcAfee AustraliaMicrosoftRSAStrike

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Wayne Rash

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place