0

I'm writing a sci-fi story that includes a malicious app that spreads globally. The developer publishes an app without knowing it's infected, and it spreads because it forces phones to download it. Are there any mechanisms that might make this happen?

Of course, it's sci-fi so it can all be theoretical but I'd love to make this as realistic as possible. I assume it would have to access the OS somehow. Perhaps by exploiting app permissions? Any guidance or expertise is greatly appreciated! Thanks in advance.

1 Answer

1

Yes. This is plausible. What you're describing is worm-like behavior. App permissions are possible. But at some point it would probably need to exploit a vulnerability in the phone's software. It could be a chain of the app permissions enabling the exploitation of the vulnerability. In the real world, you sometimes need to chain together pieces like that to form a complete attack.

At the risk of splitting hairs, there is a distinction between a virus and a worm:

  • Virus - Infects a specific object like a file. When that file runs, it also runs the virus. The virus cannot run itself.
  • Worm - Usually a standalone program. Self-propagates across networks.

Credit to John Brunner for coining "worm" in The Shockwave Rider.

The most notable early example of an actual worm was The Morris Worm of the 80s. It's an interesting story. A logic flaw in the worm unintentionally led to a DDoS attack.

  • SUPER helpful! Thank you. What type of vulnerabilities in the software would a worm likely exploit to force an app to download and spread? – Jori Richman Jan 26 '21 at 05:24
  • @JoriRichman Worms generally spread by remote exploits. That is, a vulnerability that can be exploited without the end user interacting with the software. Most software these days talks with other pieces of software. Vulnerabilities in these mechanisms could make a worm spread like wildfire. – Steve Sether Jan 26 '21 at 06:47
  • @SteveSether is right: exploits of network services are the primary way that worms spread. See the SQL Slammer worm that ran through Microsoft SQL database servers. In your case, maybe the worm can steal contact information and email/text/DM copies of itself. Or use Bluetooth and NFA to hop to other nearby devices. – CorruptedHeapScapeGoat Jan 26 '21 at 15:40