• BackStab : Un nouveau type de malware vise les back-ups d’iOS et Blackberry

    We have recently identified 704 samples of six Trojan, adware and HackTool families for Windows or Mac OS X systems that steal private user data from backup files of iOS and BlackBerry® devices (Table 1). These attack tools have existed for up to five years, and we have observed them used in attacks in 30 countries around the
    world.

    Table 1 :

    Rather than attacking a phone directly, BackStab involves accessing private information that was extracted from the phone through a regular backup routine and stored on a traditional desktop or laptop computer

    [...]

    Choosing to encrypt backup files with secure passwords, preventing their systems from being infected with malware, and generally practicing good cyber hygiene will enable users to keep their data safe from BackStab

    Plus de détails sont dans le .pdf

    https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/reports/Unit_42/unit42-backstab.pdf

    backup: http://docdro.id/W5v9gQ6

    What can an attacker retrieve from backup?
    Just as Apple explains on the About backups in iCloud and iTunes page, “an iTunes backup includes nearly all of your device’s data and settings.” Through a successful BackStab attack, an attacker can steal the following information and data from an unencrypted iTunes backup:
    • Call logs, SMS and MMS messages, and voice mail
    • Contacts and address book information
    • Email, calendars, and notes
    • Photos, recorded audio and videos
    • Web browsing history, browser bookmarks, cookies from visited websites
    • Geolocation history
    • User’s own documents saved in the phone
    • Wi-Fi and Bluetooth connection history
    • Some apps’ internal data, such as session ID (which could be abused in other attacks)
    • Device information, IMEI, ICCID, phone number, serial number

    #BackStab #malware
    #iOS #iTunes #iPhone
    #DarkComet
    #USBStler
    #InstallCore