VnutZ Domain
Copyright © 1996 - 2020 [Matthew Vea] - All Rights Reserved

2013-08-14
Featured Article

Blackhat Femtocell Hacking

[index] [1,026 page views]
Tagged As: BlackHat, Hacking, Privacy, and Security

One of the interesting presentations at the 2013 Blackhat conference in Las Vegas demonstrated the fun hackers can have with a femtocell. For those not familiar with them, femtocells are essentially miniature base stations that allow a mobile phone to affiliate (via 3G, LTE, etc) whereupon the connection is patched to the carrier via the Internet. This sort of technology is useful in low signal areas such as your house in order to have a full signal experience.

Tom Ritter of iSEC presented, I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell which demonstrated all the options available with a Verizon femtocell. The hackers first gained shell and root access to the device whereupon they were able to perform traffic captures of all the data passing through. It took awhile for them to identify the codec used for voice, but once determined, they were able to capture a call's voice packets for decoding and replaying voice conversations. Text messages were easy to intercept and display live to the audience as was capturing the data sessions. (NOTE: The same talk was also given at DEFCON where the audience was much more apt to text "Penis" and other phallic ASCII art to be displayed on the projectors.) For their demonstration, they intercepted an SSL connection from the affiliated phone to a bank and logged the username/password combinations. All of this was "simple stuff" when you have root access to the packet streams. So the team went further and used their captured information to essentially allow them to clone a mobile phone such that they could receive calls, listen in on existing calls and for all intents and purposes ... be that phone and use it's account for free. According to Ritter, "this is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people."

All it takes is for the hacker to buy the hardware direct from Verizon (which is now patched in firmware ... but older models are easily obtained and already exist). How does one stop their phone from affiliating with a nearby femtocell? You can't.



More site content that might interest you:

Maybe the test should be to determine "how" human you are ... gives some more wiggle room.


Try your hand at fate and use the site's continuously updating statistical analysis of the MegaMillions and PowerBall lotteries to choose "smarter" number. Remember, you don't have to win the jackpot to win money from the lottery!


Tired of social media sites mining all your data? Try a private, auto-deleting message bulletin board.