News / Science & Technology

    Researchers Hack Verizon Device, Turn it Into Mobile Spy Station

    A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
    A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
    Reuters

    Two security experts said they have figured out how to spy on Verizon Wireless mobile phone customers by hacking into devices the U.S. carrier sells to boost wireless signals indoors.
     

    The finding, which the experts demonstrated to Reuters and will further detail at two hacking conferences this summer, comes at a time of intense global debate about electronic privacy, after top-secret U.S. surveillance programs were leaked by a former National Security Agency contractor, Edward Snowden, last month.

    "This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people,'' said Tom Ritter, a senior consultant with the security firm iSEC Partners.
     

    Verizon said it has updated the software on its signal-boosting devices, known as femtocells or network extenders, to prevent hackers from copying the technique of the two experts.
     

    But Ritter said motivated hackers can still find other ways to hack the femtocells of Verizon, as well as those offered by some 30 carriers worldwide to their customers.

    Femtocells, which act as tiny cellphone towers, can be purchased directly from Verizon for $250. Used models can be obtained online for about $150.  Ritter and his colleague, Doug DePerry, demonstrated for Reuters how they can eavesdrop on text messages, photos and phone calls made with an Android phone and an iPhone by using a Verizon femtocell that they had previously hacked.
     

    They declined to disclose how they had modified the software on the device, saying they do not want to make it any easier for criminals to figure out similar ways to hack femtocells.

       
    The two said they plan to give more elaborate demonstrations wo weeks from now at the Black Hat and Def Con hacking conferences in Las Vegas. More than 15,000 security professionals and hackers are expected to attend those conferences, which feature talks on newly found bugs in communications systems, smart TVs, mobile devices and computers that run facilities from factories to oil rigs.

     

    Verizon Wireless released a Linux software update in March that prevents its network extenders from being compromised in the manner reported by Ritter and DePerry, according to company spokesman David Samberg.

    "The Verizon Wireless Network Extender remains a very secure and effective solution for our customers,'' Samberg said in a statement. He said there have been no reports of customers being impacted by the bug that the researchers had identified. The company is a joint venture between Verizon Communications Inc and Vodafone Group Plc.

     

    Samberg said his company uses an internal security team as well as outside firms to look for vulnerabilities in the devices it sells, before and after they are released.

       
    Still, the two researchers said they are able to use the hacked femtocell to spy on Verizon phones even after Verizon released that update because they had modified the device before the company pushed out the software fix.


    The researchers built their "proof of concept'' system that they will demonstrate in Las Vegas with femtocells manufactured by Samsung Electronics Co and a $50 antenna from Wilson Electronics Inc.
     

    They said that with a little more work, they could have weaponized it for stealth attacks by packaging all equipment needed for a surveillance operation into a backpack that could be dropped near a target they wanted to monitor.

       
    For example, a group interested in potential mergers might place such a backpack in Manhattan restaurants frequented by investment bankers. Verizon's website said the device has a 40-foot range, but the researchers believe that could be expanded by adding specialized antennas.
     

    The iSEC researchers are not the first to warn of vulnerabilities in femtocells, but claim to be the first to hack the femtocells of a U.S. carrier and also the first running on a wireless standard known as CDMA. Other hacking experts have previously uncovered security bugs in femtocells used by carriers in Europe.

       
    CTIA, a wireless industry group based in Washington, in February released a report that identified femtocells as a potential point of attack. John Marinho, CTIA's vice president for cybersecurity and Technology, said that the group is more concerned about other potential cyber threats, such as malicious apps. He is not aware of anycase where attacks were launched via femtocells.
     

    Still, he said, the industry is monitoring the issue: "Threats change every day.''

     

    You May Like

    Hope Remains for Rio Olympic Games, Despite Woes

    Facing a host of problems, Rio prepares for holding the games but experts say some risks, like Zika, may not be as grave as initially thought

    IS Use of Social Media to Recruit, Radicalize Still a Top Threat to US

    Despite military gains against IS in Iraq and Syria, their internet propaganda still commands an audience; US officials see 'the most complex challenge that the federal government and industry face'

    ‘Time Is Now’ to Save Africa’s Animals From Poachers, Activist Says

    During Zimbabwe visit, African Wildlife Foundation President Kaddu Sebunya says poaching hurts Africa as slave trade once did

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Ivorian Chocolate Makers Promote Locally-made Chocolatei
    X
    July 29, 2016 4:02 PM
    Ivory Coast is the world's top producer of cocoa but hardly any of it is processed into chocolate there. Instead, the cocoa is sent abroad to chocolate makers in Europe and elsewhere. This is a general problem throughout Africa – massive exports of raw materials but few finished goods. As Emilie Iob reports from Abidjan, several Ivorian entrepreneurs are working to change that formula - 100 percent Ivorian chocolate bar at a time.
    Video

    Video Ivorian Chocolate Makers Promote Locally-made Chocolate

    Ivory Coast is the world's top producer of cocoa but hardly any of it is processed into chocolate there. Instead, the cocoa is sent abroad to chocolate makers in Europe and elsewhere. This is a general problem throughout Africa – massive exports of raw materials but few finished goods. As Emilie Iob reports from Abidjan, several Ivorian entrepreneurs are working to change that formula - 100 percent Ivorian chocolate bar at a time.
    Video

    Video Tesla Opens Battery-Producing Gigafactory

    Two years after starting to produce electric cars, U.S. car maker Tesla Motors has opened the first part of its huge battery manufacturing plant, which will eventually cover more than a square kilometer. Situated close to Reno, Nevada, the so-called Gigafactory will eventually produce more lithium-ion batteries than were made worldwide in 2013. VOA's George Putic reports.
    Video

    Video Polio-affected Afghan Student Fulfilling Her Dreams in America

    Afghanistan is one of only two countries in the world where children still get infected by polio. The other is Pakistan. Mahbooba Akhtarzada who is from Afghanistan, was disabled by polio, but has managed to overcome the obstacles caused by this crippling disease. VOA's Zheela Nasari caught up with Akhtarzada and brings us this report narrated by Bronwyn Benito.
    Video

    Video Hillary Clinton Promises to Build a 'Better Tomorrow'

    Democratic presidential candidate Hillary Clinton urged voters Thursday not to give in to the politics of fear. She vowed to unite the country and move it forward if elected in November. Clinton formally accepted the Democratic Party's nomination at its national convention in Philadelphia. VOA national correspondent Jim Malone has more.
    Video

    Video Trump Tones Down Praise for Russia

    Republican presidential candidate Donald Trump is toning down his compliments for Russia and Vladimir Putin as such rhetoric got him in trouble recently. After calling on Russia to find 30.000 missing emails from rival Hillary Clinton, Trump told reporters he doesn't know Putin and never called him a great leader, just one who's better than President Barack Obama. Putin has welcomed Trump's overtures, but, as Zlatica Hoke reports, ordinary Russians say they are not putting much faith in Trump.
    Video

    Video Uganda Unveils its First Solar-powered Bus

    A solar-powered bus described by its Ugandan makers as the first in Africa has made its public debut. Kiira Motors' electric bus, Kayoola, displayed recently at a stadium in Uganda's capital. From Kampala, Maurice Magorane filed this report narrated by Salem Solomon.
    Video

    Video Silicon Valley: More Than A Place, It's a Culture

    Silicon Valley is a technology powerhouse and a place that companies such as Google, Facebook and Apple call home. It is a region in northern California that stretches from San Francisco to San Jose. But, more than that, it's known for its startup culture. VOA's Elizabeth Lee went inside one company to find out what it's like to work in a startup.
    Video

    Video Immigrant Delegate Marvels at Democratic Process

    It’s been a bitter and divisive election season – but first time Indian-American delegate Dr. Shashi Gupta headed to the Democratic National Convention with a sense of hope. VOA’s Katherine Gypson followed this immigrant with the love of U.S. politics all the way to Philadelphia.
    Video

    Video Dutch Entrepreneurs Turn Rainwater Into Beer

    June has been recorded as one of the wettest months in more than a century in many parts of Europe. To a group of entrepreneurs in Amsterdam the rain came as a blessing, as they used the extra water to brew beer. Serginho Roosblad has more to the story.
    Video

    Video Commerce Thrives on US-Mexico Border

    At the Democratic Convention in Philadelphia this week, the party’s presumptive presidential nominee, Hillary Clinton, is expected to attack proposals made by her opponent, Republican presidential nominee Donald Trump, to build a wall along the U.S.-Mexico border. Last Friday, President Barack Obama hosted his Mexican counterpart, President Enrique Peña Nieto, to underscore the good relations between the two countries. VOA’s Greg Flakus reports from Tucson.
    Video

    Video Film Helps Save Ethiopian Children Thought to be Cursed

    'Omo Child' looks at effort of African man to stop killings of ‘mingi’ children
    Video

    Video London’s Financial Crown at Risk as Rivals Eye Brexit Opportunities

    By most measures, London rivals New York as the only true global financial center. But Britain’s vote to leave the European Union – so-called ‘Brexit’ – means the city could lose its right to sell services tariff-free across the bloc, risking its position as Europe’s financial headquarters. Already some banks have said they may shift operations to the mainland. Henry Ridgwell reports from London.

    Special Report

    Adrift The Invisible African Diaspora