Please login or register.

Login with username, password and session length
gfx gfx
76732 Posts in 13481 Topics by 1646 Members - Latest Member: Ftool June 04, 2023, 10:56:45 pm
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Hackers crack open mobile network

Author Topic: Hackers crack open mobile network  (Read 734 times)

0 Members and 1 Guest are viewing this topic.

Offline DaBees-Knees

  • WMW Team
  • *****
Hackers crack open mobile network
« on: January 01, 2011, 07:18:21 am »

This is not strictly a p2p subject, but as there are so many mobile phone users I thought this would be of interest.

Mobile calls and texts made on any GSM network can be eavesdropped upon using four cheap phones and open source software, say security researchers.

Karsten Nohl and Sylvain Munaut demonstrated their eavesdropping toolkit at the Chaos Computer Club Congress (CCC) in Berlin. The work builds on earlier research that has found holes in many parts of the most widely used mobile technology. The pair spent a year putting together the parts of the eavesdropping toolkit.

"Now there's a path from your telephone number to me finding you and listening to your calls," Mr Nohl told BBC News. "The whole way." He said many of the pieces in the eavesdropping toolkit already existed thanks to work by other security researchers but there was one part the pair had to create themselves. "The one piece that completed the chain was the ability to record data off the air," he said.

In a demonstration at the CCC, the pair took attendees through all the steps that led from locating a particular phone to seizing its unique ID, then leap-frogging from that to getting hold of data swapped between a handset and a base station as calls are made and texts sent.

Key to grabbing the data from the air were cheap Motorola phones which can have their onboard software swapped for an open source alternative. "We used the cheap Motorola telephones because a description of their firmware leaked to the internet," he said. This led to the creation of open source alternative firmware that, he said, has its "filters" removed so it could see all the data being broadcast by a base station.

The eavesdropping work builds on earlier work to list GSM encryption keys. This allows attackers to home in on the data they need to eavesdrop, said Mr Nohl. The encryption system that scrambles this data can be defeated using a huge list of encryption keys, called a rainbow table, that Mr Nohl generated in a separate research project.

"Any GSM call is fair game," he said.

GSM is the name of the technology used on the vast majority of mobile phone networks around the world. The GSMA, which represents operators and phone makers, estimates that there are more than five billion GSM mobiles in use around the world. The GSMA has not responded to requests for comment about the research.

Playing around
Simeon Coney, a spokesman for mobile security firm Adaptive Mobile, said the work looked fairly thorough. "Especially interesting is how the attack is aimed at a specific target phone, which could lead to malicious interest of high value targets," he added. "This isn't an attack that is today readily repeatable yet by the anyone unfamiliar with the underlying technology," he said. "However, it does illustrate the manners in which the mobile phone system could be compromised in a focussed attack in less protected markets."

Mr Nohl said that before now commercial equipment that could spy on calls cost upwards of £35,000. The kit demonstrated at the Berlin event cost far less than that, he said. For instance, the Motorola phones used to grab data cost only 10 euros (£9) each. Despite showing off the entire eavesdropping kit, there were no plans to release all of it for others to use, said Mr Nohl. However, recreating the missing parts would not be difficult for a tech savvy amateur, he added. "I expect people to do it for the fun of doing it."

Mr Nohl said the motivation for carrying out the research was to create awareness around the problem and perhaps prompt operators to improve security. A few simple steps could make it much harder for eavesdroppers, he said. "Raising their awareness is the most likely outcome, but the technical changes would be better."

"I expect people to do it for the fun of doing it."

It seems mobile phone operators need to urgently wake up.  :gum:

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Hackers crack open mobile network
« Reply #1 on: January 01, 2011, 10:20:47 am »
This has been possible for many years with cellular interception equipment cost being the main bar to such activity, the core security of such networks relies on the AES encryption in usage and the ability (and will ) of the various networks to detect and reject identical IMEI registered units, many of you may remember the stories regarding how this was undertaken some time ago by UK councils who are legally allowed to posses such interception equipment to monitor their workforces communications amongst other things, that's pretty much frowned upon now but legally possible for them to still undertake this kind of activity to detect benefit and other fraud, tying this in with GPS makes one wonder just why anyone would bother having a mobile phone when they know their comms and activities can be monitored by others for fun or malicious intent, the fix for this is to increase the encryption methodology and key size, the reason this wont happen is that it will add to the various govt cost of spying on the populace and thus they will simply want to hush this news up.  

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Hackers crack open mobile network

©2005-2023 All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.026 seconds with 24 queries.
Helios Multi © Bloc
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!