High Speed Rail Newsletter . Bureau of High Speed Rail, Ministry of Transportation and Communications
Analysis and Protection for Malware Applications on Mobile Devices
Attack method of infecting a computer via a mobile device.

With the rapid development of mobile communication devices, the related security issues have drawn widespread attention. Allowing employees to use their personal mobile devices at work can reduce IT equipment expenses and improve work efficiency and the IT environment, but it may also pose a threat to the organization's information security defenses. In general, organizations have a certain level of security defenses. However, when an employee's personal mobile device is infected with malware and is connected via USB to a computer inside the organization to charge, the malware can intrude into that computer. It can then steal passwords or turn on the microphone or video camera to record ambient sound or images, and the stolen data is sent to the hacker's FTP through the employee's personal mobile device.

Many social networking and video call applications are currently used on mobile devices, such as Line, Facebook, e-mail, Juiker, WeChat and QQ. When these applications are used, malware can send messages through the victim's friends and groups. The fraud methods include the following four types: 1. Sending messages that contain malicious APP links, which infect the phone in order to steal personal information or carry out small-amount fraud. 2. Asking for the victim's phone personal information and asking the victim to receive a verification code on the sender's behalf, in order to carry out small-amount fraud. 3. Asking the victim to buy point cards on the sender's behalf and to provide the point card passwords, which are exchanged for cash. 4. Asking the victim to call 0809031088 to complete verification and open a Ruten Online Auction seller account.

How can computers inside the organization be protected from infection by mobile devices? In addition to avoiding direct connections between employees' personal mobile devices and computers, a mindset of safe mobile device use (personal security) should be established. Personal security awareness should start the moment an APP is downloaded and authorized for installation. First check the APP's rating, reviews, download count and software developer. If the APP has no reviews and is not newly released, installation and authorization should be avoided. Next, apply 4A1D (mobile device security protection): Authentication, Authorization, Attribution, Audit and Data Protection: 1. Carefully review the permissions granted to the APP. 2. Do not hand APP accounts over to others. 3. Do not let mobile devices out of sight in public places. 4. Turn off unnecessary communication services. 5. Limit APP downloads.

The Executive Yuan is currently promoting Juiker, a domestically developed instant messaging application, for use by government agencies. Juiker was built with security as a design consideration, and its security and network voice call quality are better than those of Line. Juiker can also achieve "cyber-physical integration", which makes it more convenient and safe.
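
The install-time checks described above (the store-listing rule and reviewing the permissions an APP requests), shown as an added example that is not part of the original newsletter. It assumes a decoded AndroidManifest.xml is available; the sample manifest, the 30-day "newly released" threshold and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Android permissions mapped to the behaviours the article describes.
RISKY = {
    "android.permission.RECORD_AUDIO": "can record ambient sound",
    "android.permission.CAMERA": "can capture images or video",
    "android.permission.READ_SMS": "can read SMS verification codes",
    "android.permission.RECEIVE_SMS": "can intercept incoming verification codes",
    "android.permission.SEND_SMS": "can send messages from the device",
    "android.permission.READ_CONTACTS": "can harvest the friend list",
}

def risky_permissions(manifest_xml):
    """Return {permission: reason} for risky permissions the manifest requests."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    return {p: why for p, why in RISKY.items() if p in requested}

def listing_is_suspicious(review_count, days_listed, new_release_days=30):
    """Article's rule: no reviews on an app that is not newly released.
    The 30-day cut-off is an assumption; the article gives no number."""
    return review_count == 0 and days_listed > new_release_days

def should_install(manifest_xml, review_count, days_listed, needed=()):
    """Refuse when the listing is suspicious or the app requests risky
    permissions beyond those its stated function needs (`needed`)."""
    excess = {p: w for p, w in risky_permissions(manifest_xml).items()
              if p not in needed}
    ok = not listing_is_suspicious(review_count, days_listed) and not excess
    return ok, excess

# Constructed sample: a "flashlight" app manifest, not taken from a real app.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    ok, excess = should_install(SAMPLE_MANIFEST, review_count=0, days_listed=200,
                                needed=("android.permission.CAMERA",))
    print("install" if ok else "do not install")
    for perm, why in excess.items():
        print(f"  {perm}: {why}")
```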

  • Various types of fraud methods.