New J2ME Security Vulnerabilities Affect Nokia S40 Phones
An independent security research firm has announced several new mobile Java(J2ME) security vulnerabilities. Two of the vulnerabilities affect the Java virtual machine(JVM) on mobile phones and the other 14 are specific to Nokia Series 40 phones. Series 40 mobiles are not Symbian smartphones and only run J2ME MIDlets.
The security research company has produced a 170+ page report on the vulnerabilities and a number of proof of concept(PoC) exploits. Usually when a researcher develops PoC code or malicious samples, they provide them directly to the security research community. In this case, the researchers are asking for €20,000(about $30,000) for early access to the research and malware. Generally after the release of vulnerability information, attackers will attempt to write exploits.
The reported vulnerabilities and exploits in the JVM could allow the running of untrusted Java MIDlets. After using those vulnerabilities, relatively recent phones running S40, 3rd edition are open to malicious MIDlets that exploit the others.
According to the researchers the vulnerabilities allow:
gaining additional privileges for a malicious MIDlet, even manufacturer or mobile carrier level
running a malicious MIDlet when the phone is first turned on
accessing files
sending SMS/MMS
making phone calls
reading your contacts
accessing the SIM card
eavesdropping using the camera and microphone
Java phones used to be affected by malware such as J2ME/Redbrowser or J2ME/Wesber which just cause premium rate charges. This is the first time that such phones have been vulnerable to more malicious malware.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.