News / Science & Technology

Researchers Hack Verizon Device, Turn it Into Mobile Spy Station

A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
Reuters

Two security experts said they have figured out how to spy on Verizon Wireless mobile phone customers by hacking into devices the U.S. carrier sells to boost wireless signals indoors.
 

The finding, which the experts demonstrated to Reuters and will further detail at two hacking conferences this summer, comes at a time of intense global debate about electronic privacy, after top-secret U.S. surveillance programs were leaked by a former National Security Agency contractor, Edward Snowden, last month.

"This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people,'' said Tom Ritter, a senior consultant with the security firm iSEC Partners.
 

Verizon said it has updated the software on its signal-boosting devices, known as femtocells or network extenders, to prevent hackers from copying the technique of the two experts.
 

But Ritter said motivated hackers can still find other ways to hack the femtocells of Verizon, as well as those offered by some 30 carriers worldwide to their customers.

Femtocells, which act as tiny cellphone towers, can be purchased directly from Verizon for $250. Used models can be obtained online for about $150.  Ritter and his colleague, Doug DePerry, demonstrated for Reuters how they can eavesdrop on text messages, photos and phone calls made with an Android phone and an iPhone by using a Verizon femtocell that they had previously hacked.
 

They declined to disclose how they had modified the software on the device, saying they do not want to make it any easier for criminals to figure out similar ways to hack femtocells.

   
The two said they plan to give more elaborate demonstrations wo weeks from now at the Black Hat and Def Con hacking conferences in Las Vegas. More than 15,000 security professionals and hackers are expected to attend those conferences, which feature talks on newly found bugs in communications systems, smart TVs, mobile devices and computers that run facilities from factories to oil rigs.

 

Verizon Wireless released a Linux software update in March that prevents its network extenders from being compromised in the manner reported by Ritter and DePerry, according to company spokesman David Samberg.

"The Verizon Wireless Network Extender remains a very secure and effective solution for our customers,'' Samberg said in a statement. He said there have been no reports of customers being impacted by the bug that the researchers had identified. The company is a joint venture between Verizon Communications Inc and Vodafone Group Plc.

 

Samberg said his company uses an internal security team as well as outside firms to look for vulnerabilities in the devices it sells, before and after they are released.

   
Still, the two researchers said they are able to use the hacked femtocell to spy on Verizon phones even after Verizon released that update because they had modified the device before the company pushed out the software fix.


The researchers built their "proof of concept'' system that they will demonstrate in Las Vegas with femtocells manufactured by Samsung Electronics Co and a $50 antenna from Wilson Electronics Inc.
 

They said that with a little more work, they could have weaponized it for stealth attacks by packaging all equipment needed for a surveillance operation into a backpack that could be dropped near a target they wanted to monitor.

   
For example, a group interested in potential mergers might place such a backpack in Manhattan restaurants frequented by investment bankers. Verizon's website said the device has a 40-foot range, but the researchers believe that could be expanded by adding specialized antennas.
 

The iSEC researchers are not the first to warn of vulnerabilities in femtocells, but claim to be the first to hack the femtocells of a U.S. carrier and also the first running on a wireless standard known as CDMA. Other hacking experts have previously uncovered security bugs in femtocells used by carriers in Europe.

   
CTIA, a wireless industry group based in Washington, in February released a report that identified femtocells as a potential point of attack. John Marinho, CTIA's vice president for cybersecurity and Technology, said that the group is more concerned about other potential cyber threats, such as malicious apps. He is not aware of anycase where attacks were launched via femtocells.
 

Still, he said, the industry is monitoring the issue: "Threats change every day.''

 

You May Like

Photogallery Kyiv: Russian Forces Tightening Grip on East

And new United Nations report documents human rights abuses committed by both sides in conflict More

Locust Swarms Fill Antananarivo Skies

FAO-led control efforts halted plague More

South Africa’s Plan to Move Rhinos May Not Stop Poaching

Experts say international coordination needed to follow the money trail and bring down rhino horn kingpins More

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
Ebola Vaccine Trials To Begin Next Weeki
X
August 29, 2014 2:18 AM
The National Institutes of Health says it is launching early stage trials of a vaccine to prevent the Ebola virus, which has infected or killed thousands of people across West Africa. The World Health Organization says Ebola could infect more than 20,000 people across the region by the time the outbreak is over. The epidemic has health experts and governments scrambling to prevent more people from becoming infected. Zlatica Hoke has more.
Video

Video Ebola Vaccine Trials To Begin Next Week

The National Institutes of Health says it is launching early stage trials of a vaccine to prevent the Ebola virus, which has infected or killed thousands of people across West Africa. The World Health Organization says Ebola could infect more than 20,000 people across the region by the time the outbreak is over. The epidemic has health experts and governments scrambling to prevent more people from becoming infected. Zlatica Hoke has more.
Video

Video Asian Bacteria Threatens Florida Orange Trees

Florida's citrus fruit industry is facing a serious threat from a bacteria carried by the Asian insect called psyllid. The widespread infestation again highlights the danger of transferring non-native species to American soil. VOA’s George Putic reports.
Video

Video Aging Will Reduce Economic Growth Worldwide in Coming Decades

The world is getting older, fast. And as more people retire each year, fewer working-age people will be there to replace them. Bond rating agency Moody’s says that will lead to a decline in household savings; reducing global investments - which in turn, will lead to slower economic growth around the world. But experts say it’s not too late to mitigate the economic impact of the world’s aging populations. Mil Arcega has more.
Video

Video Is West Doing Enough to Tackle Islamic State?

U.S. President Barack Obama has ruled out sending ground troops to Iraq to fight militants of the so-called Islamic State, or ISIS, despite officials in Washington describing the extremist group as the biggest threat the United States has faced in years. Henry Ridgwell reports from London on the growing uncertainty over whether the West’s response to ISIS will be enough to defeat the terrorist threat.
Video

Video Pachyderms Play Polo to Raise Money for Elephants

Polo, the ancient team competition typically played on horseback, is known as the “sport of kings.” However, the royal version for one annual event in Thailand swaps the horse for the kingdom’s national symbol - the elephant. VOA Correspondent Steve Herman in Samut Prakan reports that the King’s Cup Elephant Polo tournament is all for a good cause.
Video

Video Coalition to Fight Islamic State Could Reward Assad

The United States along with European and Mideast allies are considering a broader assault against Islamic State fighters who have spread from Syria into Iraq and risk further destabilizing an already troubled region. But as VOA State Department Correspondent Scott Stearns reports, confronting those militants could end up helping the embattled Syrian President Bashar al-Assad.
Video

Video Made in America Socks Get Toehold in Online Fashion Market

Three young entrepreneurs are hoping to revolutionize the high-end sock industry by introducing all-American creations of their own. And they’re doing most of it the old-fashioned way. VOA’s Julie Taboh recently caught up with them to learn what goes into making their one-of-a-kind socks.
Video

Video Americans, Ex-Pats Send Relief Supplies to West Africa

Health organizations from around the world are sending supplies and specialists to the West African countries that are dealing with the worst Ebola outbreak in history. On a smaller scale, ordinary Americans and African expatriates living in the United States are doing the same. VOA's Carol Pearson reports.
Video

Video America's Most Popular Artworks Displayed in Public Places

Public places in cities across America were turned into open-air art galleries in August. Pictures of the nation’s most popular artworks were displayed on billboards, bus shelters, subway platforms and more. The idea behind “Art Everywhere,” a collaborative campaign by five major museums is to allow more people to enjoy art and learn about the country’s culture and history. Faiza Elmasry has more.
Video

Video Chinese Doctors Use 3-D Spinal Implant

A Chinese boy suffering from a debilitating bone disease has become the first patient with a part of his spine created in a three-dimensional printer. Doctors say he will soon regain normal mobility. VOA’s George Putic reports.
Video

Video India’s Leprosy Battle Stymied by Continuing Stigma

Medical advancements in the treatment of leprosy have greatly diminished its impact around the world, largely eliminating the disease from most countries. India made great strides in combating leprosy, but still accounts for a majority of the world’s new cases each year, and the number of newly infected Indians is rising - more than 130,000 recorded last year. Doctors there say the problem has more to do with society than science. Shaikh Azizur Rahman reports from Kolkata.
Video

Video Scientists Unlock Mystery of Bird Flocks

How can flocks of birds, schools of fish or herds of antelope suddenly change direction -- all the individuals adjusting their movement in concert, at seemingly the same time? British researchers now have some insights into this behavior, which has puzzled scientists for a long time. VOA's George Putic has more.

AppleAndroid