28

I used a dongle before getting a phone, but now use my phone as a hotspot. I don't want my phone to get malware or viruses.

Can my phone get viruses if I use it as a hotspot while downloading torrents?

Mat
  • 111
  • 7
user105748
  • 333
  • 1
  • 3
  • 3

12 Answers12

68

By just passing (potentially malicious) traffic through, it is very unlikely. After all, routers on the Internet are relaying tons of malicious traffic everyday without getting compromised themselves.

However the danger begins when your computer itself gets compromised from a malicious file downloaded via torrents, and from there the malware on your computer could compromise other hosts on your network such as your phone.

André Borie
  • 12,706
  • 3
  • 39
  • 76
32

When your phone is acting as a hotspot it's basically just a router connecting two protocols together (802.11 and either LTE or GSM). It's not actually interpreting any of the data passing though, as that would use a lot more CPU and memory. It's literally just passing data back and forth at OSI Layers 2 and 3.

That said, it's no different than other routers on the Internet when it's behaving like this, and all the other routers on the Internet which have malware, viruses, and all sorts of other bad traffic passing through them are not affected, because they are just passing encapsulated packets and not interpreting them.

So any type of traffic passed in this manner, torrented or not, will not infect your phone when you use it as a hotspot.

TRiG
  • 609
  • 5
  • 14
Trey Blalock
  • 14,099
  • 6
  • 43
  • 49
  • I more or less agree with this, however there are exploits that target OSI layers other than the application layer - SYN flooding is an example. For the sake of argument, an attacker could seed a Torrent that targets a particular brand of mobile device (e.g. skins or backgrounds) and use the torrent to learn the un-NAT-ed address of the 3G/4G connection. If there is a known exploit for that type of device, they could then use this information to perform a more targeted attack. It's a contrived example, but for the sake of argument it might increase the likelihood of such an attack. – Aaron Newton Mar 31 '16 at 13:18
9

Not really. The torrent data just flows through the phone, it does not analyze or execute the data except what is necessary to forward it to the PC. Also, remember that torrent does not always mean malware.

Creator
  • 134
  • 2
  • 2
6

It highly depends if your phone has a public IP or behind a NAT in this case. If it has a "white external IP", it can be potentially hacked as all the rest of the addresses that can be accessed directly. If it's behind a NAT, then no problem.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Alexey Vesnin
  • 1,565
  • 1
  • 8
  • 11
  • Plus 1 for being the only post to point out that using a 3G/4G connection on a peer-to-peer connection could expose the un-NATed address. As a privacy concern, a law enforcement agency or malicious user could more easily track the torrenting back to your specific device or SIM. This would be more difficult if the device were abstracted through another networking device via NAT - although without additional measures - such as a VPN - they would still be able to track it back to the networking device providing the address translation (such as the local router). – Aaron Newton Mar 31 '16 at 12:56
  • @AaronNewton sure they can track down an IMEI/IMSI pair, if you're not using routing path protection like Tor or I2P. – Alexey Vesnin Mar 31 '16 at 13:14
  • Exactly. I had a think about it and I posted a response to Trey Blalock's answer. For the sake of argument, if I own a 'PhoneCo' brand phone, I'm more likely to be interested in downloads for PhoneCo, such as skins. An attacker could seed these skins as a torrent. Even if I run the torrent application on my PC tethered through the phone, they would have still learned my un-NAT-ed 4G address. They could then use a known exploit for PhoneCo phones to execute a targeted attack on the device. It's far-fetched, but food for thought. – Aaron Newton Mar 31 '16 at 13:30
  • @AaronNewton yes, libtorrent and the software based on it can leak a hell-ton of data, that's why it must be onion-**routed** or I2P-**routed**, not just proxified. – Alexey Vesnin Mar 31 '16 at 14:05
  • And I guess the crux of my argument is that an older-model smartphone with known 3G/4G exploits is an appealing target compared to devices sitting behind a firewall. Thank you for the interesting discussion. 10,000 free smileys for Android anyone? – Aaron Newton Mar 31 '16 at 14:18
2

Content downloaded from the torrent may be or contain viruses and other malware's but torrent itself is not so.

TORRENT is a file extension for a BitTorrent file format used by BitTorrent clients. Torrent files contain text and point out the trackers for a download to begin downloading from distributors (known as seeders) and requesting clients (known as leachers).

I think the mobile wouldn't get infected by merely using it as the hotspot device. The router or any device that routes the traffic is generally not affected by any kind of traffic flowing through it.

2
  1. By virtue of being connected to the internet at all, there is always a potential that your phone could be attacked and compromised.
  2. On the other hand, making your phone act as a hotspot should be unlikely to increase that risk, even if downloading torrents.
  3. On the other other hand, if you do questionable things with devices on your internal network (i.e., with devices using your phone as the hotspot), you're increasing the likelihood that one of those devices becomes compromised, thus making it easier to attack the rest of your internal network (including your phone).
jamesdlin
  • 2,015
  • 1
  • 12
  • 13
1

Vulnerability for this transport are quite unlikely, which is more than extremely unlikely as for routers because Hotspot is not (pure) routing as other said.

phone's hotspot has a DHCP (super)user program that assigns in the IP/802.11 transport local IP addresses to the potential N wifi clients and dialog with the kernel over EDGE or UMTS or LTE or similar through a single IP address assigned by the mobile operator.
Once the local IP addresses are assigned, the packet are masqueraded by the kernel mapping N*64k ports to 64k ports (which suffers for example of output source port numbers saturation). That's a bit more processing than routing. This overhead is simply a bit more at risk (of kernel code vulnerability) than a router on internet.

In general I discourage use of client applications that gain risks possibly against art.

user160083
  • 54
  • 3
0

No. Because torrent is not a virus. It's a software or technique to share data worldwide securely. Its increasing greatly from last 1 year.

When you download torrent your cellphone is working like a router just transferring the data to the end user without reading or executing the file.

Ulkoma
  • 8,793
  • 16
  • 65
  • 95
0

Unlikely, The phone is simply acting as a router and does what a router does best, It's forwarding data between networks.

The phone itself will have a public IP on it(given to you by your service provider), so to an extent it can be attacked because the server/network you are downloading from can identify that public IP. But if you are downloading torrents the only responsibility the phone has is to forward the level 3 packets to your PC. It does not de-capsulate the packet higher than level 3 nor can it run whatever executable or files you are downloading as it would not be storing the packets in order to be reassembled.

Jeff Meigs
  • 277
  • 1
  • 8
  • 7
    I find it questionable to say "torrents" are putting you at risk. There are many very good use cases for torrents and it's not less safe than downloading anything from the internet. It's not in our best interest to demonise this protocol. You would have to say the same thing about HTML - you are in fact running a huge risk using any websites services and I would believe everyone agrees that the majority of malicious software is not spreading through torrents. I would in fact hope every website offering any sort of download would (also) offer it as a torrent, like many linux distributions do. – Chris Mar 28 '16 at 07:37
  • While I agree, there are also some risks involved, often related to the client software where a few issues exist. Also, in many cases the person downloading a zipped file cannot verify its content before it is downloaded (thus exposing oneself to juridical issues since the user are sharing potentially illegal material during the entire time). Example: https://www.cvedetails.com/vulnerability-list/vendor_id-6117/Utorrent.html – Simply G. Mar 30 '16 at 09:33
  • Based on user comments, I have removed my remark regarding the statement that torrents are unsafe. I was simply generalizing that its not uncommon to find users who have infected devices because the use of torrents. It does not mean that using the torrent services is risky, it simply means to always exercise caution when retrieving anything from sources you don't know. – Jeff Meigs Apr 05 '16 at 20:15
0

Interpretation causes infection. No Interpretation, no infection. Passing torrent bytes doesn't do anything with the data except some tasks to just 'pass' them. Tethering is no harm for your phone :)

  • *No Interpretation, no infection.* Is it an absolute rule? Do some exploits work without interpretation? – A.L Mar 29 '16 at 16:56
0

One point not covered by the answers so far is that this may depend on how you're using your phone.

If you're using wireless or bluetooth tethering , then as mentioned, its unlikely to be a problem, however if you're using USB tethering then there is more of a connection between the PC and the phone and if the security on your smartphone is configured to trust your PC (e.g. developer tools enabled & USB debugging enabled), it may be possible for malware on the PC to attack the phone.

A_Learner
  • 76
  • 4
0

There are different problems in the question:

  • can a phone acting as a router be infected by a malware in data flow? Yes but the risk is low. Is someone found a flaw in routing protocol of the phone OS, it could build special streams to exploit the flaw. But currently IP stacks use good old hightly tested somewhere so the risk can be neglected
  • can connecting a communication equipment to a bad site compromise the security of the equipment? Yes, unless you are protected behind an external firewall. If you have a direct IP connection to a site, your IP address is known and the site could attack you with port scanning. Here again if the OS is robust and no back door has already be installed the risk is low. You have been said than plenty of routers are on the way and are not compromised, but few of them contains last Android or iOS games...
  • can connecting your phone to your computer where you download data from uncontrolled source compromise you phone? Yes, because if the computer is compromised and if it can access to the internal memory (SD card...) of the phone bad things could happen, not speaking of the direct connection. Here again the risk can become higher if software on the phone cooperates with malicious software on computer.

That being said I do not want to make confusion between Torrent and malware. Torrent is just a protocol and can be used to download a Linux ar BSD distrib without risk - provided you control the hash of the received file before using it. What is dangerous is to download codecs or other similar tools from uncontrolled sites and use them.

Serge Ballesta
  • 25,636
  • 4
  • 42
  • 84