Professional security researcher, hacker and MalCon speaker Atul Alex has analyzed the firmware for the Symbian S60 smartphone (which also runs on the Nokia 5800, Nokia X6, Nokia 5530XM, Sony Ericsson Satio and Sony Ericsson Vivaz) and created a modified firmware with a back door which allows a 3rd party to record telephone calls and download emails, telephone lists and text messages from the phone’s memory.
To use the back door, the new firmware must be downloaded on to the target phone in a manoeuvre reminiscent of the best Hollywood spy films. The compromised firmware, which is created by modifying version 5 of the original software, allows all of the smartphone’s functions to be remotely controlled, including the camera.
Once installed, the hack contacts the attacker via a wireless connection and transmits the device’s current IP address. The attacker can then connect to the phone remotely and any stolen data can be transmitted via 3G or WLAN to the attacker’s file server.
The H are reporting that the back door uses a technique to hide the extra process from the system’s TaskManager. The only way to remove the back door is to overwrite the firmware with Symbian’s original software.