The mobile security startup Kaprica Security has designed a charger, dubbed Skorpion, that is able to scan user’s Smartphone for malware and sanitize it if necessary. In the past we read about the Mactans charger, a malicious hardware that could infect any Apple connected iOS devices, and we explored the way to use a Raspberry Pi to realize a physical backdoor to gain remote access to an office network, but it is the first time that we explore the use of a charger for a defensive purpose. The operation appears to be simple:
“Simply connect your Android device to the Skorpion charger and it will be scanned for malware, viruses, and malicious rootkits while it charges” is the ad message proposed on the web page of the product.
If users leave the phone plugged into the charger, it will reboot automatically at preconfigured time and perform the scanning of the handset searching evidences of malicious activities. Once detected a menace the Skorpion charger provides an alert turning on at a red light and it is also able to automatically repair the mobile using a previous healthy image of the operating system it has already stored.
The Skorpion charger will be co-branded with consumer electronics maker Belkin, which is manufacturing the device, and will be available on the market late this year or early next year for around $65, with a monthly subscription fee of $3 or $4 for updates and alerts. According the researcher at Kaprica Security the charger acting as a physically separate device is able to detect malicious applications on the handset, in many cases in fact a malware could be able to disable security mechanisms of the mobile but it cannot avoid the scanning made by the charger. Kaprica cofounder and CEO Doug Britton confirms that the Skorpion charger analyzes the mobiles files and data without relying on the phone resources (e.s. Operating system, memory, processor) and for this reason it could not be deceived. The Skorpion charger will be able to work with any mobile operating system despite its technology has been focused for Android OS. Britton, who previously worked at defense contractor Lockheed Martin, confirmed that The Skorpion charger is not vulnerable to malware and that, differs from residential applications, its behaviors could not be altered by the presence of a malware. The real problem is that the number of attacks against mobile devices is on the rise and the cyber threats are even more sophisticated, as confirmed also by last report proposed by F-Secure of the security landscape for H1 2013. Almost the totality of malware is focused on Android OS, the mobile platform with the major market share. Despite the cyber threats are in continuous evolution Britton is convinced that also silent attacks on a mobile device could be detected analyzing suggests attack patterns. What happen it a hacker is able to compromise the charger? Nothing according the designer of Skorpion charger because it cannot add new applications or code to the mobile device. Although I consider it extremely interesting project will raise some exceptions: Essentially the charger analyzed the mobile handset while it is in charge and not when it is in use, this is a great limitation. Some malicious code could be dormant during this phase and event sophisticated techniques could not find them. I think for example to recent proof of concept proposed by researcher Daniel Pistelli who demonstrated how to exploit a Mac internally encryption mechanism to create an undetectable Mac OS X Malware. Another potential weakness is the update process that seems to use handset connectivity, this step is critical in my opinion and this phase that could be exploited by a hacker that could tamper them. Nothing is totally secure ..
(Security Affairs – Skorpion charger, hacking, mobile)