While testing a theory about the cellular voice channel in smartphones being used as a covert channel “to conduct multiple covert malicious activities such as sending commands or even leaking information,” researchers discovered they could “easily bypass” Android security mechanisms and “answer incoming calls without the user or the system’s knowledge.”

Researchers from Golisano College of Computing and Information Sciences, at the Rochester Institute of Technology in New York, wanted to know if the cellular voice channel could potentially be used for “information leakage” or spreading malware by “carrying modulated speech-like data covertly.” They wrote, “Cellular service providers have not applied any information security protection systems, such as firewalls or intrusion detection systems, to guard cellular voice channel traffic in the cellular network core. Thus these channels are a prime choice over which to attempt a covert channel.” 

To read this article in full or to leave a comment, please click here