Hacker makes mobile phone snooping affordable
Tuesday 03 August 2010
A hacker on Saturday brought mobile phone snooping to the modestly financed, showing how to build a call-catching system for about 1,500 dollars (US).
Chris Paget demonstrated his creation for more than a thousand people crammed into a grand room at a DefCon gathering of hackers in Las Vegas, warning them to turn off their phones if they wanted to be spared.
"I can intercept cell phone calls with 1,500 dollars worth of radio gear and a laptop," Paget said after the talk.
"You handset thinks I'm your cell phone tower and I get to control your calls. These attacks used to cost millions of dollars, now you can do it for a lot less."
The gear included an antenna and radio equipment and broadcast a GSM signal that imitated a legitimate telecom service tower, prompting handsets to automatically connect.
A hacker could then pretend to be the telecom service provider, forwarding calls to intended recipients and listening in.
"I can target specific people if I want to spy and I can command only certain types of phones to connect," Paget said. "An attacker could easily take advantage of this."
Mobile phone snoops with this gear could snag credit card or account information from calls made to shops or banks. Companies could be staked out in the hope insiders would reveal valuable information during calls.
His creation worked only on mobile phones using the GSM network and not more secure 3G, third generation, networks.
"GSM is broken," Paget said. "It is up to telecom providers when to shift from GMS to 3G networks. GMS is widely deployed with millions of handsets in use."
However, someone could use a noise generator and a power amplifier could easily jam a 3G network and prompt handsets to resort to GSM systems commonly used as backup systems, according to Paget.
He gestured to a noise generator he bought online for 450 dollars and a power amplifier purchased on the Internet for 400 dollars.
"I'm not turning this thing on," Paget said. "It would knock out pretty much every cell phone there is for most of Las Vegas."
The system only grabs outgoing calls since it has fooled handsets.
Since the phones have disconnected from real telecom service providers, they are considered gone from the networks and incoming calls are routed directly to voice mail boxes.
There is a way for hackers to use credentials from duped handsets to impersonate the phones to carriers, according to Paget.
His talk was almost scuttled by the US Federal Communications Commission, which reached out to him with concerns about the danger it might pose or statutes it might violate.
"There was so much shenanigans involved making sure I could get on stage," Paget said after the DefCon briefing. "The good news is that it is all over and I haven't been arrested."
Life & Style blogs
Can Microsoft boost flagging sales of the Xbox One console with its new game Titanfall?
25 years of the World Wide Web: Tim Berners-Lee explains how it all began
Tomnod: How to join the virtual search party scanning satellite imagery for missing flight MH370
Tim Berners-Lee on creating the web: 'I never expected all these cats'
iOS 7.1: How to get iPhone update, and what to do once you've got it
Katie Hopkins continues campaign to become Britain's most hated talking head with poorly timed Bob Crow tweet
No EU referendum under Labour: Ed Miliband to reveal that vote on membership is ‘unlikely’ in next Parliament if party wins power
Grace Dent: Who cares if she spells it Barraco Barner? Gemma Worrall is more employable than some bookish arts graduate
Fracking is turning the US into a bigger oil producer than Saudi Arabia
Europeans have ‘got whiter’ due to natural selection in past 5,000 years, scientists say
How climate change helped Genghis Khan: Scientists believe a sudden period of warmer weather allowed the Mongols to invade with such success
- 1 Arrest made after man is found by the side of the road with his penis cut off
- 2 Carnage after car hits cyclists in Brazil
- 3 Tim Berners-Lee on creating the web: 'I never expected all these cats'
- 4 Malaysia flight MH370: Pitbull song lyrics bear uncanny resemblance to missing plane mystery, according to YouTubers
- 5 First Kiss viral video was just a clothing advert starring actors
iJobs Gadgets & Tech
£20000 - £25000 per annum, Benefits: generous commission structure: Charter Se...
£1000 per month: Inspiring Interns: This company is one of the top two gaming ...
£45000 - £55000 per annum + benefits+bonus+package: Harrington Starr: Senior S...
£45000 - £50000 per annum + benefits+bonus+package: Harrington Starr: C# .NET ...