Home opinion-and-analysis Cornered! Intercepting cellphone calls really is child's play
Since my earlier comments  on reports that mobile phones can be compromised and calls intercepted, simply by sending an SMS that contains reprogramming instructions, the originator of the technique has responded to the questions I raised.

It now appears that the compromised phone, unbeknownst to the user, simply creates a three way conference call with the attacker for every call made and received. Scary!

German security company, SecurStar, claimed to have uncovered the first serious threat to the security of cellphone conversations, saying that "Simply by sending an invisible and unnoticeable SMS message to a particular cellphone, spying on cell phone users has become child's play."

I suggested that the security of mobile phones had long been compromised by the development of IMSI- catchers, hardware devices that intercept GSM calls over the air and exploit weaknesses in the GSM encryption algorithm.

 Wifried Hafner, CEO of SecurStar responded to this, telling me: "Yes IMSI catchers have been around for several years but it is not easy to get such equipment and monitoring cannot be made by just anyone."

I also queried his claim that interception is 'child's play' since he had given no indication as to how the call is retrieved from the compromised phone. It does indeed appear to be child's play. Here is what Hafner told me:

"We can sent a service SMS to any phone (regardless of the operating system) and reprogram the SIM card and/or parts of the phone. (A service SMS is a specially formatted SMS that contains data instructions for the reconfiguration /programming and/or update of phones and SIM cards.).

"While usually a service SMS should be sent by the provider to upgrade the SIM card and configure the phone, normal users can also simulate this and send a service SMS. Here the phone and SIM card of the victim are reprogrammed in a way that each entering or exiting phone call are silently conferenced with the attacker.

"It is the victim's phone that creates a second 'hidden' conference call to the attacker. Also the victim pays for this second telephone call. (Equivalent to a 3-way conference call) In order not to show on the monthly bill, the attacker can chose to get called on an anonymous 0800 number that is redirected through VoIP. In this way the call is not charged to the victim and the number does not appear on the monthly statement."

LEARN NBN TRICKS AND TRAPS WITH FREE NBN SURVIVAL GUIDE

Did you know: Key business communication services may not work on the NBN?

Would your office survive without a phone, fax or email?

Avoid disruption and despair for your business.

Learn the NBN tricks and traps with your FREE 10-page NBN Business Survival Guide

The NBN Business Survival Guide answers your key questions:

· When can I get NBN?
· Will my business phones work?
· Will fax & EFTPOS be affected?
· How much will NBN cost?
· When should I start preparing?

DOWNLOAD NOW!

Stuart Corner

 

Tracking the telecoms industry since 1989, Stuart has been awarded Journalist Of The Year by the Australian Telecommunications Users Group (twice) and by the Service Providers Action Network. In 2010 he received the 'Kester' lifetime achievement award in the Consensus IT Writers Awards and was made a Lifetime Member of the Telecommunications Society of Australia. He was born in the UK, came to Australia in 1980 and has been here ever since.

 

 

 

 

Connect

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities