The fact that they're collecting IMEIs is interesting. One of the little-discussed facts about smartphones is that they make it trivially easy to change the IMEI.
On the Galaxy S you can simply mount the NVRAM where it is stored as r/w and change it, and any other data you want.
For those who don't know, the IMEI number is what physically identifies an actual handset, like a MAC address, except that the networks/authorities view it as being more of a watertight way to identify someone, as up until recently changing them has required a soldering iron.
This malware's behaviour implies what I have suspected for some time, that there is a black market for IMEIs, likely being used for organised criminals to remain anonymous, or to enable the resale of stolen handsets.
Anyone fancy taking a guess at what an IMEI is worth on IRC these days? CC#s are meant to be about $0.10 each, aren't they?
Haha, I don't know, it's always been easy to get a new IMEI. Go to one of those "cell phone support forums", advertise an unlocking service, ask for IMEI, receive in your email. With a little more work you could monetize it but botnets for CC#s are probably a lot easier, and 419s provide even more pay for the effort involved. But then again I'm not a kid in some 3rd world country looking for a quick buck so who knows, Android apps could be a really interesting proposition.
Just now it's easier to make up an IMEI... but how soon before the network infrastructure rejects that new IMEI? As that would be the key if the new IMEI had black-market value or not... obviously you cannot have two of the IMEIs be the same on the MO network... there are also several other issues...