Selfie. A word that needs no introduction in the present days, as it has almost become a part of everyone lives, who use a mobile phone.

But the problem to be discussed now, how the hackers are able to hack the selfies from the phone, even though you think it is protected with a password.   

Experts warned that UAE consumers, especially those using iPhone gadgets, are prone to cyber attacks and any information about their personal lives, including photos, videos, places they’ve visited, contacts, SMS messages and even corporate data, could easily be hacked by others.

Regarding the same, Palo Alto Networks, a security company has released a whitepaper that describes how confidential data on personal and Mac computers can be hacked.

Experts said that private files could be illegally accessed through a technique that has been around for some time called “BackStab”.

They said hackers can steal SMS and MMS messages, call logs, contacts and address book information, calendars and notes, photos, email, recorded audio and videos, browser bookmarks, web browsing history, cookies from visited websites and geolocation history.

The whitepaper noted, “iOS devices have been the primary target, as default backup settings in iTunes have left many users backups unencrypted and easily identified, but other mobile platforms are also at risk.”

“While the technique is well-known, a few are aware of the fact that malicious attackers and data collectors have been using malware to execute BackStab in attacks around the world for years.”

Nicolai Solling, technical services director at Help AG, said that, hackers are able to steal  private data from their mobile phones by remotely infiltrating the unencrypted backup of their device which, in iPhone users’ case, is created in iTunes.

He said the attack targets mainly phones that run on iOS, Apple’s mobile operating system.

Solling further said, “The Backstab attack is quite interesting as it is an attack specific on iOS devices, which historically have seen less malware than other mobile platforms.”

“Backstab therefore highlights the innovation of the attackers by attacking the weakest link, in this case the backup of the iOS device, which is created in ITunes. So the infection or vulnerability is not on the iOS system, rather on how one of the supporting applications iTunes is handling the data.”

“This attack is actually known, but what is interesting is that the attackers are targeting the backup on the client’s machine. It highlights that any person or organisation needs to understand the immediate, as well as possible attack vectors on their IT infrastructure.”

To protect your mobile phones from getting hacked, Solling suggests the following tips.  

1. Make sure the backup of your device is encrypted - turn on encryption of the backup in iTunes or use the iCloud backup system and choose a secure password.

2. Regardless of the make or model of your smartphone, always run the latest release of the software of the operating system.

3. When connecting an iOS device to an untrusted computer or charger via a USB cable, don’t click the “Trust” button when the dialog box is displayed.

4. Never ever root or jailbreak your phone.

5. Only install applications you trust.

6. Always update the applications on the device.

7. Don’t do anything on your device that you don’t want others to see or hear; sharing locations or tracking devices should ideally be kept private.

By Phani Ch