e-commerce in Bangladesh

Sunday, August 01, 2010

Now anybody can hack into GSM phones

Now you can easily tap mobile phone calls that use GSM network. At the recently finished Def Con 18 security conference at the Rivera Hotel Casino Las Vegas, Chris Paget, a researcher, demonstrated how to intercept mobile phone calls on the GSM network.

Paget used equipments worth $1500 to build an IMSI (International Mobile Identity Subscriber) catcher that can be configured to “impersonate” as a mobile tower of a specific network carrier and user can easily listen to conversations made over GSM-based cell-phones in that area.

The signal emitted from the device will appear to be the strongest to cell-phones allowing the user to intercept outgoing calls and record conversation. On the other hand, to the network carrier, the cell-phone would appear to be disconnected from its network.

Paget also said that the hacker can also impersonate as the cell-phone user to the network whose phone he has intercepted which means he can also gain control of inbound calls and store it in voicemail.

This is a major concern for the mobile phone operators and users. Normally, phone calls are protected by encrypted codes but the IMSI catcher can turn the encryption off. According to GSM standard, users would have to be warned when the encryption is disabled but GSM phones do not come with such facilities. Paget said, "Even though the GSM spec requires it, this is a deliberate choice on the cell phone makers."

In the US, if you are using Verizon or Sprint, then you would not have to worry about cellphone hacking for they use CDMA network however, AT&T, T-Mobile and most of the carriers outside the U.S use GSM network.

No comments:

Post a Comment