iTWire - Intercepting cellphone calls really is child's play

IT&T JOBS|Discussion forum|Releases|Technology Events|IT News for mobile|

Today on iTWire iPhone IT News Telecommunications People Our Blogs Tech Lifestyle Science Sustainability

Live Technology Events - Training - Forums - Summits

Technology news and Jobs

Telecommunications

Intercepting cellphone calls really is child's play

Intercepting cellphone calls really is child's play

E-mail

by Stuart Corner
Friday, 17 November 2006
! Since my earlier comments on reports that mobile phones can be compromised and calls intercepted, simply by sending an SMS that contains reprogramming instructions, the originator of the technique has responded to the questions I raised. It now appears that the compromised phone, unbeknownst to the user, simply creates a three way conference call with the attacker for every call made and received. Scary! German security company, SecurStar, claimed to have uncovered the first serious threat to the security of cellphone conversations, saying that "Simply by sending an invisible and unnoticeable SMS message to a particular cellphone, spying on cell phone users has become child's play." I suggested that the security of mobile phones had long been compromised by the development of IMSI- catchers, hardware devices that intercept GSM calls over the air and exploit weaknesses in the GSM encryption algorithm. Wifried Hafner, CEO of SecurStar responded to this, telling me: "Yes IMSI catchers have been around for several years but it is not easy to get such equipment and monitoring cannot be made by just anyone." I also queried his claim that interception is 'child's play' since he had given no indication as to how the call is retrieved from the compromised phone. It does indeed appear to be child's play. Here is what Hafner told me: "We can sent a service SMS to any phone (regardless of the operating system) and reprogram the SIM card and/or parts of the phone. (A service SMS is a specially formatted SMS that contains data instructions for the reconfiguration /programming and/or update of phones and SIM cards.). "While usually a service SMS should be sent by the provider to upgrade the SIM card and configure the phone, normal users can also simulate this and send a service SMS. Here the phone and SIM card of the victim are reprogrammed in a way that each entering or exiting phone call are silently conferenced with the attacker. "It is the victim's phone that creates a second 'hidden' conference call to the attacker. Also the victim pays for this second telephone call. (Equivalent to a 3-way conference call) In order not to show on the monthly bill, the attacker can chose to get called on an anonymous 0800 number that is redirected through VoIP. In this way the call is not charged to the victim and the number does not appear on the monthly statement."{moscomment} Please enable JavaScript in your browser to post your comment! Tags See All Tags Get stories like this delivered daily - FREE - subscribe now

< Next story in category		Previous story in the category >

Sponsored Releases

Tumbleweed sales channel and email security solutions well placed to continue growth

ATM viewed as custodian of customer service by Australian banking industry

Charles Sturt University Commences Unified Communications Deployment With Interactive Intelligence

Progress Software's Cure for Managing Services-based Applications

ComOps Deploys Corporate Performance Reporting Solution For Healthcare Test Manufacturer

UTelco Systems Pty Ltd Signs Consulting Agreement with MicroStrategy

Interactive Intelligence Adds SMS to All-in-One Multi-Channel Contact Centre Software Suite

...Promote yourself here

Latest jobs

Visitors last 30 days
Suscribers

904,266
13,751

#1 independent technology news advertise here

Subscribe to our free e-newsletter

- Advertisement -

Sporting Club Scores Communications Win

Sporting Club Scores Communications Win

Featured Job
Business Objects Analyst Programmer
Melbourne Full Time

Today on iTWire