Home Information Security A hacker created a cell phone tapping device for $1,500

A hacker created a cell phone tapping device for $1,500

by admin

A hacker created a cell phone tapping device for $1,500
A computer security researcher for just $1, 500 has created a device that can intercept certain types of cell phone calls and record conversations.
Chris Paget’s attack this past Saturday at Defcon demonstrated a vulnerability in the GSM standard, one of the most common cellular phone technologies.
The attack was local and benign: Chris demonstrated how he could intercept several dozen calls made by other hackers in the audience during his presentation at DefCon. But the same method can also be used by criminals not at all for demonstration purposes, and users don’t have much in the way of protection.
Paget hopes his research will help spur the adoption of new, more secure communication standards. "GSM is hacked — just hacked, " he said.
GSM or 2G, "second-generation" cellular technology. Phones that run on the newer 3G and 4G standards are not vulnerable to this attack.
If you’re using an iPhone or other smartphone that displays on the screen during a call that the connection is through a 3G network, you’re protected. Paget also noted that BlackBerry phones use encryption on calls, which also thwarts a possible attack. According to Paget, if you’re using a phone that doesn’t display information about the standard used, those phones are vulnerable.

Translator’s note

In addition to the original (too "populist") article, let’s dig a little deeper.
In his personal blog Chris posted A presentation from DefCon and promised to post a video from the conference.
The presentation reveals some of the details of the "hack". In a nutshell: it creates its own base station with a fake network name (BTS – Base transceiver station), when you connect the phone, the station sends a command to disable the encryption.
The output power of the used device is only 25 mW, the antennas have a gain of 13dBi, which gives about 0.5 W of ERIP (Effective Isotropic Radiated Power). This was quite sufficient for the demonstration.
During the demonstration, a minimum of 30 phones were connected to his base station. The logs were deleted immediately, and physically – the USB stick with the logs was broken (the stick was used to boot the system). The logs contained IMSI, IMEI, dialed numbers and audio recordings of all seventeen calls made.

Unlike the Associated Press reporter, Chris openly states that he uses IMSI Catcher. and the technology has been known since 1993. Thus, it is more likely not about hacking, but using the disadvantages of the GSM-standard and the lack of notification in cellular phones when disabling the encryption command of the BS – in an inexpensive implementation.

You may also like