Mobile Evil Twin Malnets - The Worst of Both Worlds

The mobile computing world is undergoing major changes both in the capability as well as in the proliferation of mobile devices. While, up to now, mobile malware has played a relatively small role compared to the behemoth of desktop malware, the changing environment is steadily increasing the attractiveness of mobile devices as exploitable resources. The increased usage and connectivity of mobile devices opens up a much larger set of attack vectors to compromise them. In this paper, we adapt the evil twin rogue access point attack to the mobile domain and show how it can be used to create a mobile malnet, which is capable of spreading epidemically. We implemented the key components of the concept for the iPhone to study its properties in a laboratory environment. To demonstrate the dangers which come along with this kind of attack we simulate a metropolitan area and show how fast a malware can spread in a mobile environment.