A young Israeli security researcher has developed a new free Android app tool that, in the wrong hands, could give novice hackers a chance to launch attacks and hijack targeted computers with the simple push of a button.
The “Anti” app, short for Android Network Toolkit, will hit the Android market next week, according to Itzhak “Zuk” Avraham, the app’s developer, who revealed the details of his hacking tool at last week’s DefCon hacker conference in Las Vegas.
Anti has a Wi-Fi scanning feature to detect vulnerable devices on nearby networks, and software to reveal the IP addresses of servers. Anti’s easy-to-use screen shows a menu of options, including “Man-in-the-Middle” (which lets users eavesdrop on nearby devices) and “Attack.”
The founder of Tel-Aviv-based security firm Zimperium, and still a university student, Avraham designed Anti as a penetration-testing tool to search out vulnerabilities in systems and programs so they can be fixed, Forbes’ Andy Greenberg reported.
“#Anti just found a remotely exploitable computer in the wild. Wow. This will make the world a safer place,” Avraham wrote in an Aug. 6 Twitter post.
Despite its intended use, and Zimperium’s plea that Anti be deployed only to test vulnerabilities, it’s difficult to imagine hackers won’t adopt Anti and use it for evil.
“Even in its current form, the app raises the possibility of dangerous, stealthy attacks,” Greenberg wrote. “A hacker could, for instance, walk into a coffee shop or a corporate office with his phone and start sussing out machines for data theft or malware infection.”
Last year, an app developer introduced “Firesheep,” a free Firefox add-on that allowed its users to view cookies sent over public Wi-Fi networks and gain unauthorized access to computers. Like Anti, Firesheep was touted as a tool to highlight the security gaps of popular websites and the insecurity of public Wi-Fi networks.
Naturally, hackers quickly adopted “Firesheep,” and it took another tool, FireShepherd, to put Firesheep out to pasture.
Article provided by SecurityNewsDaily, a sister site to Laptopmag.com.