Is that a Rootkit on your Windows Mobile device?
With so many mobile devices around these days and so many running Windows Mobile or Windows CE it is no wonder the boys at the top are already thinking about how these devices can be hacked and Rootkits installed
The rootkit could be used to hide a keylogger ( or would that be stylus presslogger ) and send the valuable information back to the author.
The article on the Symantec Blog today shows us that their researchers have already looked into the possibilities of rootkits hiding keyloggers and they have produced an Internal Whitepaper ( no doubt it will be leaked:-) )
”The results were, in short, not surprising. There are publicly known methods of API hooking on Windows CE. There is a publicly released keyboard logger in the compact .NET framework and there are numerous ways to load/inject DLLs into other processes. And, of course, direct kernel object modification is also possible.”
What we are left with now is not a case of “if” we will have Windows CE/Mobile Rootkit, it is a case of when. From their research it shows that rootkits are possible on Windows CE/Mobile devices it is just a matter of when it will become profitable for a malware author to actually actually create and put one into practice.
At some stage in the future we could get to the stage where if you answer a phone call on your Windows Mobile device you could get a keylogger and rootkit installed via some vulnerability.
Keep Safe,
regards
Steo
www.antirootkit.com
Referances: Windows CE/Mobile Rootkits
rootkit