News / Science & Technology

Researchers Hack Verizon Device, Turn it Into Mobile Spy Station

A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
Reuters

Two security experts said they have figured out how to spy on Verizon Wireless mobile phone customers by hacking into devices the U.S. carrier sells to boost wireless signals indoors.
 

The finding, which the experts demonstrated to Reuters and will further detail at two hacking conferences this summer, comes at a time of intense global debate about electronic privacy, after top-secret U.S. surveillance programs were leaked by a former National Security Agency contractor, Edward Snowden, last month.

"This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people,'' said Tom Ritter, a senior consultant with the security firm iSEC Partners.
 

Verizon said it has updated the software on its signal-boosting devices, known as femtocells or network extenders, to prevent hackers from copying the technique of the two experts.
 

But Ritter said motivated hackers can still find other ways to hack the femtocells of Verizon, as well as those offered by some 30 carriers worldwide to their customers.

Femtocells, which act as tiny cellphone towers, can be purchased directly from Verizon for $250. Used models can be obtained online for about $150.  Ritter and his colleague, Doug DePerry, demonstrated for Reuters how they can eavesdrop on text messages, photos and phone calls made with an Android phone and an iPhone by using a Verizon femtocell that they had previously hacked.
 

They declined to disclose how they had modified the software on the device, saying they do not want to make it any easier for criminals to figure out similar ways to hack femtocells.

   
The two said they plan to give more elaborate demonstrations wo weeks from now at the Black Hat and Def Con hacking conferences in Las Vegas. More than 15,000 security professionals and hackers are expected to attend those conferences, which feature talks on newly found bugs in communications systems, smart TVs, mobile devices and computers that run facilities from factories to oil rigs.

 

Verizon Wireless released a Linux software update in March that prevents its network extenders from being compromised in the manner reported by Ritter and DePerry, according to company spokesman David Samberg.

"The Verizon Wireless Network Extender remains a very secure and effective solution for our customers,'' Samberg said in a statement. He said there have been no reports of customers being impacted by the bug that the researchers had identified. The company is a joint venture between Verizon Communications Inc and Vodafone Group Plc.

 

Samberg said his company uses an internal security team as well as outside firms to look for vulnerabilities in the devices it sells, before and after they are released.

   
Still, the two researchers said they are able to use the hacked femtocell to spy on Verizon phones even after Verizon released that update because they had modified the device before the company pushed out the software fix.


The researchers built their "proof of concept'' system that they will demonstrate in Las Vegas with femtocells manufactured by Samsung Electronics Co and a $50 antenna from Wilson Electronics Inc.
 

They said that with a little more work, they could have weaponized it for stealth attacks by packaging all equipment needed for a surveillance operation into a backpack that could be dropped near a target they wanted to monitor.

   
For example, a group interested in potential mergers might place such a backpack in Manhattan restaurants frequented by investment bankers. Verizon's website said the device has a 40-foot range, but the researchers believe that could be expanded by adding specialized antennas.
 

The iSEC researchers are not the first to warn of vulnerabilities in femtocells, but claim to be the first to hack the femtocells of a U.S. carrier and also the first running on a wireless standard known as CDMA. Other hacking experts have previously uncovered security bugs in femtocells used by carriers in Europe.

   
CTIA, a wireless industry group based in Washington, in February released a report that identified femtocells as a potential point of attack. John Marinho, CTIA's vice president for cybersecurity and Technology, said that the group is more concerned about other potential cyber threats, such as malicious apps. He is not aware of anycase where attacks were launched via femtocells.
 

Still, he said, the industry is monitoring the issue: "Threats change every day.''

 

You May Like

Multimedia Baltimore 'Victory Rally' Follows Charges in Detainee Death

Saturday's rally is largest organized gathering since state's attonrey filed felony charges in police-custody death of Freddie Gray More

UN Denies Child Sex Abuse Cover Up in CAR

UNHCR says senior official suspected of leaking report suspended for breaching rules More

Nepal Officials Slammed Over Aid Response

VOA News has compiled from various organizations complaints from across Nepal of bottlenecks at customs, repeated harassing inspections of aid convoys and seizure of goods More

Featured Videos

Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
From Aleppo To Berlin: Band of Brothers Escapes Civil Wari
X
Henry Ridgwell
May 03, 2015 1:12 AM
Hundreds of thousands of Syrians have fled the civil war in their country and journeyed to Europe by boat across the Mediterranean. It is a terrifying ordeal with dangers at every turn. A group of Syrian brothers and their friends describe their ordeal as they try to reach Germany. VOA's Henry Ridgwell reports. ...
Video

Video From Aleppo To Berlin: Band of Brothers Escapes Civil War

Hundreds of thousands of Syrians have fled the civil war in their country and journeyed to Europe by boat across the Mediterranean. It is a terrifying ordeal with dangers at every turn. A group of Syrian brothers and their friends describe their ordeal as they try to reach Germany. VOA's Henry Ridgwell reports. ...
Video

Video Rural Nepal Suffers Brunt of Quake’s Devastation

Nepal is still coming to grips with the full extent of the devastation and misery caused by last Saturday’s magnitude 7.8 earthquake. Some of the hardest-hit communities have been cut off by landslides making it difficult to assess the precise toll. A VOA News crew has been among the first to reach a few of the smaller, remote communities. Correspondent Steve Herman reports from the Sindhupolchak district, east of Kathmandu, which suffered greatly in Nepal’s worst quake in more than 80 years.
Video

Video Black Families Use Baltimore Case to Revisit 'Police Talk'

Following Freddie Gray’s death in police custody this month, VOA interviewed black families throughout the eastern U.S. city of Baltimore about how they discuss the case. Over and over, parents pointed to a crucial talk they say every black mother or father has with their children. Victoria Macchi has more on how this conversation is passed down through generations.
Video

Video Middle East Atheist Channel Defies Taboo

In Egypt, a deeply religious country in a deeply religious region, atheism is not only taboo, it is dangerous. It is sometimes even criminal to publicly declare nonbelief. Despite the danger, one group of activists is pushing back with a new online channel that defends the right not to believe. VOA’s Heather Murdock reports.
Video

Video Nepal Quake Survivors Tell Their Stories

Against all hope, rescuers have found a few more survivors of the devastating earthquake that hit Nepal last Saturday. Mountain climbers and hikers trapped in remote places also have been airlifted to safety, and aid is finally reaching people in the areas closest to the quake's epicenter. Survivors and rescuers are now recounting their experience. Zlatica Hoke has this story.
Video

Video Lessons for Germany, Europe Remain on Anniversary of WWII's End

The 70th anniversary of the end of World War II will be marked May 8-9 in all European countries except Germany, which lost the war. How is the war viewed there, and what impact is it still having? From Berlin, VOA’s Al Pessin reports.
Video

Video 'Woman in Gold' Uses Artwork as Symbol of Cultural Identity

Simon Curtis’ legal drama, "Woman in Gold," is based on the true story of an American Jewish refugee from Austria who fights to reclaim a famous Gustav Klimt painting stolen from her family by the Nazis during World War II. It's a haunting film that speaks to the hearts of millions who have sought to reclaim their past, stripped from them 70 years ago. VOA's Penelope Poulou reports.
Video

Video Nepal Town Destroyed By Quake Counts Itself Lucky

Foreign search teams on Wednesday began reaching some of the communities outside Kathmandu that suffered worse damage than Nepal’s capital from last Saturday’s massive earthquake. VOA Correspondent Steve Herman is in Sankhu - a town of about 10,000 people - where there is relief the death toll is not higher despite widespread destruction.
Video

Video First Surgical Glue Approved for Use Inside Body

While medical adhesives are becoming more common, none had been approved for use inside the body until now. Earlier this year, the first ever biodegradable surgical glue won that approval from the U.S. Food and Drug Administration. VOA’s Rosanne Skirble reports on the innovation and its journey from academia to market.
Video

Video Somali Hotel Chain Owner Strives to Make a Difference

Many in the Somali diaspora are returning home to make a new life despite the continuing risks. Since 2011 when a military campaign against Al-Shabab militants began making progress, members of the diaspora community have come back to open hospitals, schools, hotels, restaurants and other businesses. Abdulaziz Billow in Mogadishu profiles the owner of a chain of hotels and restaurants who is helping to bring change to the once-deadly Somali capital.
Video

Video Study: One in Six Species Threatened with Extinction

Climate change is transforming the planet. Unless steps are taken to reduce global warming, scientists predict rising seas, stronger and more frequent storms, drought, fire and floods. As VOA’s Rosanne Skirble reports, a new study on species extinction underscores the need to take action to avoid the most catastrophic effects of rising temperatures.
Video

Video Taviani Brothers' 'Wondrous Boccaccio' Offers Tales of Love, Humor

The Italian duo of Paolo and Vittorio Taviani have been making movies for half a century: "The Night of the Shooting Stars," "Padre Padrone," "Good Morning, Babylon." Now in their 80s, the brothers have turned to one of the treasures of Italian culture for their latest film. VOA’s Carolyn Weaver reports.
Video

Video Child Migrants Cross Mediterranean Alone, Face Unknown Future

Among the thousands of migrants making the deadly journey by boat to Europe, there are unaccompanied girls and boys. Some have been sent by relatives to earn money; others are orphaned or fleeing war. From a shelter for young migrants in the Sicilian town of Caltagirone, VOA's Henry Ridgwell reports.
Video

Video Baltimore Riots Shed Light on City’s Troubled Past

National Guard troops took up positions Tuesday in Baltimore, Maryland, as authorities tried to restore order after rioting broke out a day earlier. It followed Monday's funeral of a 25-year-old black man who died while in police custody earlier this month. VOA's Chris Simkins reports.
Video

Video Challenges Await Aid Organizations on the Ground in Nepal

A major earthquake rocked Nepal on Saturday and killed thousands, injured thousands more and sent countless Nepalese outside to live in makeshift tent villages. The challenges to Nepal are enormous, with some reconstruction estimates at around $5 billion. Aid workers from around the world face challenges getting into Nepal, which likely makes for a difficult recovery. Arash Arabasadi has the story from Washington.

Poll: Baltimore Police Charged

Poll archive

VOA Blogs