Windows Phone 8 malware? This teen hacker claims to have created a prototype

Filed Under: Featured, Malware, Microsoft, Mobile, Privacy, Windows phone

Windows Phone 8A teenage hacker prodigy in India claims to have developed a prototype of malware that will run on smartphones running Microsoft's new Windows Phone 8 operating system - the first known instance of Windows Phone 8 malware.

The researcher responsible for the prototype, Shantanu Gawde, is known as India's "youngest ethical hacker". He says he will unveil the malware prototype at the Malcon security conference in New Delhi, India, later this month.

Gawde's presentation will "demonstrate approaches and techniques for infecting... Windows Phone" including "how to steal contacts, upload pictures and steal private data of users, gain access to text messages etc."

However, little is known about the malware. For example, whether it relies on an exploit of an underlying vulnerability in Windows Phone 8 or masquerades as a malicious mobile application.

Dave Forstrum, director at Trustworthy Computing, Microsoft, commented:

"Microsoft is aware of the upcoming presentation but further details have not been shared with us. As always, we will investigate any issues disclosed in the talk, and will take appropriate action to help protect our customers."

At 16, Gawde is the world's youngest Microsoft Certified Application Developer (MCAD), having earned that designation at the age of just seven. In 2011, he presented a malware application that used Microsoft's Kinect gesture recognition technology at the same conference.

The Windows Phone 8 mobile operating system was released on October 29. It marks a major re-make of the Windows Phone 7 OS and includes higher screen resolution and support for multi-core processors, as well as Near Field Communications (NFC), a wireless technology that is integral to evolving mobile payments solutions.

The new OS also boasts some additional security features, including secure boot and native 128-bit Bitlocker encryption.

Microsoft also claims that the apps available in its mobile application store are "certified" - and vetted for malicious code and other security issues.

, , ,

You might like

9 Responses to Windows Phone 8 malware? This teen hacker claims to have created a prototype

  1. Nick · 1059 days ago

    Oh, so he works for MS. Well that's a relief.

    • ShadyJ · 1059 days ago

      Having a MS certification does not mean somebody works for MS.

  2. mike · 1058 days ago

    ethical and hacker should never be in the same sentence!

    • Matt · 1057 days ago

      Wow, you obviously know nothing of hacking... Lol, your comment is laughable.

    • An "ethical" hacker will find the security holes that a "black hat" hacker will eventually find, then notify those who can fix the holes so they can release a patch.

  3. Dennis Suitters · 1058 days ago

    If their own employees can hack their own systems, that pretty much means anyone can.

  4. Paul Ducklin · 1058 days ago

    So his claim to prodigy fame is that he wrote some malicious code in 2011 and has managed to write some more in 2012?

    Wouldn't he be more of a prodigy if he had written some genuinely useful code in 2011 and followed it up with something even more useful in 2012?

  5. Anonymous · 560 days ago

    there is no such system that cannot be hacked.....
    as the very new os comes in the market a hacker is born to hack it....

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul is a Boston-based reporter and industry analyst with more than a decade of experience covering the IT industry, cyber security and hacking. His work has appeared on, The Boston Globe,, NPR's Marketplace, Fortune Small Business, as well as industry publications including ZDNet, Computerworld, InfoWorld, eWeek, CIO , CSO and Paul got his 15 minutes as an expert guest on The Oprah Show - but that's a long story.