“The camera becomes your eyes and the microphone becomes your ears. You can see that your current appearance is exposed to the other person as they are. You can track your location and you can listen to and view text messages and calls.
This is a scene explaining the “spyware” installed on a smartphone in the Netflix movie “I Just Dropped My Smartphone”. The film, which was released on the 17th and is currently running at the box office, is a thriller about the story of spyware planted in a smartphone without the protagonist’s knowledge, sharing personal information and life daily life with criminals in real time, and ultimately leading to the collapse of life.
Nami, an office worker, loses her smartphone on her way home from work. After retrieving the smartphone, Junyoung secretly installs “spyware” on Nami’s phone and returns it. Jun-young, who learns about Nami’s daily life, including hobbies, tastes, professions, traffic routes, economic power, and human relationships, uses Nami’s smartphone to approach Nami while hiding her identity. The joy of finding a smartphone is short-lived, but after that day, Nami’s normal day-to-day life gradually turns to disaster.
Although the cinematic imagination is added, it is actually possible that spyware could monitor every movement of mobile phone users, or it could cause secondary harm to others by disguising itself as that person with personal information obtained from smartphones. is a cybercriminal technique.
◆ You can look at a male phone as if you were looking at your own phone?… Experts “technically enough”
In the play, the “spyware” planted in Nami’s smartphone by Junyoung is literally malware that steals various information such as username, password, and credit card information in real time by hiding in the smartphone or computer as a spy.
The power of spyware depicted in the film is horrifying. Junyoung collects all the information stored in Nami’s cellphone in real time and uses it for the crime. Bank account password, public certificate password, SNS password, smartphone password, phone model, etc. are basic. Using the camera, you can check your home CCTV, if you live alone, your commute to work, and even the cafe you frequent.
Experts say many of the smartphone malware introduced in the film are technologies currently being exploited by cybercriminals.
Moon Jong-hyun, director of East Security, said, “It is technically possible to have a hacking program that allows you to steal a smartphone as if you were looking into the palm of your hand.” Real-time monitoring technology of phone users is also not technically impossible.
He recommends turning the camera to the other side for those who shower while listening to YouTube among singles. This is because hidden cameras are possible if malicious code is installed.
Director Moon added, “However, the use of a real-time camera recording function can easily be discovered by users, so in fact, the information-stealing function, which steals information while remaining on the phone for a long time without being noticed, is mainly used.”
◆ disguised as an AS article and planting malicious programs?… In reality, I aim for a moment of distraction
In the movie, there is a scene where Joon-young pretends to be an AS employee and plants spyware in order to install malware on Nami’s smartphone.
Security experts say that secretly planting malware on smartphones is easier in real life than in the movies. It is explained that malware can be distributed via smishing text messages that people often receive, “Please verify delivery” or KakaoTalk links.
Choi Sang-myung, Director of Dark Tracer, pointed out, “In real life, not only are you exposed to spyware by accessing a specific site or simply clicking on a URL, but you can also send spyware and infect them via text message even if you know the user’s phone number.”
Its warning is that even if the user does not install it intentionally, the smartphone will be infected with spyware during the process of interpreting the text message. Director Choi explained, “This is an exploit of an operating system vulnerability that has not been patched (resolved), and that is why Samsung Electronics recently applied the security solution” Samsung Message Guard “to the Galaxy S23 series.”
Security experts say that because malware such as spyware evolves rapidly, it is impossible to defend against it completely 100%. However, it is emphasized that damage can be minimized by following basic precautions. For example, it is necessary to form a habit of always updating the operating system (OS) to the latest version and check the infection of malicious code in real time with a security program.
Moreover, the application is downloaded from the reliable official site. It is also necessary to learn how to manipulate the smartphone remotely in anticipation of a smartphone hacking situation. If you are an iPhone user, the “Find My iPhone” feature is helpful. If you are an Android user, you can remotely secure your smartphone with your Google account.
◆ I asked for ‘money’ from courier acquaintances? 2nd offense actually
In the film, Junyoung was able to buy Nami’s favor by discovering her favorite sports, games, and songs through her recent search history and conversations on SNS and Messenger on her smartphone. In addition, information such as company, annual salary, number of overtime hours, year of employment and number of employees were identified and used for secondary crimes.
Experts say to avoid secondary damage from information leakage, do not share too detailed personal information online such as SNS, and additional account authentication including biometric authentication methods such than fingerprint or iris authentication when using email, SNS or email account services The procedure has been recommended.
A security expert said, “Many people use the same username and password for their email account and multiple portal sites or service application accounts, and the authentication procedure is poorly defined. it’s not uncommon to get robbed,” he said. why crimes such as spamming one’s own email account or borrowing money from acquaintances via messengers or SNS are commonplace.
【Seoul = Newsis】
“Music maven. Introvert. Bacon evangelist. Extreme writer. Internet aficionado. Travel scholar. Lifelong problem solver.”