Indian Teenager Upsets Microsoft With Windows Phone 8 Trojan


Bangalore: A teenager has reportedly created a prototype malware code for Microsoft’s latest Windows Phone 8 that steals private user data, upload pictures, access text messages and more, reports techradar.

The malware created by 16-year-old Shantanu Gawde, a high school student, posses as legitimate app and when installed once, gets access to user data.

Microsoft is fortunate since the malware poses no threat to its mobile OS as Gawde is an “ethical hacker" from India’s National Security Database program.

The malware is built for educational purposes and to raise awareness about how malware authors can target the platform, Gowde said via email, reports IDG News Service.

"The app will be shared with antivirus vendors and Microsoft after the conference so as to enable mitigation of such threats.""The malware uses legitimate WP8 functionality without resorting to other methods such as 'homebrew apps' and interop capabilities," Gawde said. "The idea behind the app was to code it in such a way that it would be accepted into the marketplace [Windows Phone Store], whilst having hidden functionality."Gawde declined to reveal other technical details about the malware ahead of his presentation at MalCon.

Though the present malware is from an ethical hacker, it did not fail to raise security concerns about Windows Phone 8.

Microsoft has yet to see Gowde’s findings, so hadn’t commented on the nature of the risk the Trojan poses. However the company’s Computing Director Dave Fornstrum has said that the company would “investigate any issues disclosed” in the MalCon talk and “take appropriate action to help protect its customers”.   

Although the finding could tarnish the credibility of Windows Phone 8, it also opens up an opportunity to act on the security issues so that other “real” threat may not cause serious malice. However security breaches are not uncommon in the mobile phone area, like a killer code once installed in the Samsung devices, which began an irreversible and unstoppable factory reset. It was however countered by software upgrade.

Nevertheless, his malware can instigate many red faces at Redmond, particularly given the tender age of the hacker.