News / Science & Technology

    Researchers Hack Verizon Device, Turn it Into Mobile Spy Station

    A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
    A cell phone user passes a Verizon store in New York in this April 27, 2006 file photo.
    Reuters

    Two security experts said they have figured out how to spy on Verizon Wireless mobile phone customers by hacking into devices the U.S. carrier sells to boost wireless signals indoors.
     

    The finding, which the experts demonstrated to Reuters and will further detail at two hacking conferences this summer, comes at a time of intense global debate about electronic privacy, after top-secret U.S. surveillance programs were leaked by a former National Security Agency contractor, Edward Snowden, last month.

    "This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people,'' said Tom Ritter, a senior consultant with the security firm iSEC Partners.
     

    Verizon said it has updated the software on its signal-boosting devices, known as femtocells or network extenders, to prevent hackers from copying the technique of the two experts.
     

    But Ritter said motivated hackers can still find other ways to hack the femtocells of Verizon, as well as those offered by some 30 carriers worldwide to their customers.

    Femtocells, which act as tiny cellphone towers, can be purchased directly from Verizon for $250. Used models can be obtained online for about $150.  Ritter and his colleague, Doug DePerry, demonstrated for Reuters how they can eavesdrop on text messages, photos and phone calls made with an Android phone and an iPhone by using a Verizon femtocell that they had previously hacked.
     

    They declined to disclose how they had modified the software on the device, saying they do not want to make it any easier for criminals to figure out similar ways to hack femtocells.

       
    The two said they plan to give more elaborate demonstrations wo weeks from now at the Black Hat and Def Con hacking conferences in Las Vegas. More than 15,000 security professionals and hackers are expected to attend those conferences, which feature talks on newly found bugs in communications systems, smart TVs, mobile devices and computers that run facilities from factories to oil rigs.

     

    Verizon Wireless released a Linux software update in March that prevents its network extenders from being compromised in the manner reported by Ritter and DePerry, according to company spokesman David Samberg.

    "The Verizon Wireless Network Extender remains a very secure and effective solution for our customers,'' Samberg said in a statement. He said there have been no reports of customers being impacted by the bug that the researchers had identified. The company is a joint venture between Verizon Communications Inc and Vodafone Group Plc.

     

    Samberg said his company uses an internal security team as well as outside firms to look for vulnerabilities in the devices it sells, before and after they are released.

       
    Still, the two researchers said they are able to use the hacked femtocell to spy on Verizon phones even after Verizon released that update because they had modified the device before the company pushed out the software fix.


    The researchers built their "proof of concept'' system that they will demonstrate in Las Vegas with femtocells manufactured by Samsung Electronics Co and a $50 antenna from Wilson Electronics Inc.
     

    They said that with a little more work, they could have weaponized it for stealth attacks by packaging all equipment needed for a surveillance operation into a backpack that could be dropped near a target they wanted to monitor.

       
    For example, a group interested in potential mergers might place such a backpack in Manhattan restaurants frequented by investment bankers. Verizon's website said the device has a 40-foot range, but the researchers believe that could be expanded by adding specialized antennas.
     

    The iSEC researchers are not the first to warn of vulnerabilities in femtocells, but claim to be the first to hack the femtocells of a U.S. carrier and also the first running on a wireless standard known as CDMA. Other hacking experts have previously uncovered security bugs in femtocells used by carriers in Europe.

       
    CTIA, a wireless industry group based in Washington, in February released a report that identified femtocells as a potential point of attack. John Marinho, CTIA's vice president for cybersecurity and Technology, said that the group is more concerned about other potential cyber threats, such as malicious apps. He is not aware of anycase where attacks were launched via femtocells.
     

    Still, he said, the industry is monitoring the issue: "Threats change every day.''

     

    You May Like

    Rolling Thunder Tribute to US Military Turns into a Trump Rally

    Half-million motorcycles are expected to rumble Sunday afternoon from Pentagon to Vietnam War Memorial for rally in event group calls Ride for Freedom

    The Struggle With Painkillers: Treating Pain Without Feeding Addiction

    'Wonder drug' pain medications have turned out to be major problem: not only do they run high risk of addicting the user, but they can actually make patients' chronic pain worse, US CDC says

    Video Canine Reading Buddies Help Students With Literacy

    Idea behind reading program is that sharing book with nonjudgmental companion boosts students' confidence and helps instill love of reading

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    Chinese-Americans Heart Trump, Bucking National Trendi
    X
    May 27, 2016 5:57 AM
    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.
    Video

    Video Chinese-Americans Heart Trump, Bucking National Trend

    A new study conducted by three Asian-American organizations shows there are three times as many Democrats as there are Republicans among Asian-American voters, and they favor Hillary Clinton over Donald Trump. But one group, called Chinese-Americans For Trump, is going against the tide and strongly supports the business tycoon. VOA’s Elizabeth Lee caught up with them at a Trump rally and reports from Anaheim, California.
    Video

    Video Reactions to Trump's Success Polarized Abroad

    What seemed impossible less than a year ago is now almost a certainty. New York real estate mogul Donald Trump has won the number of delegates needed to secure the Republican presidential nomination. The prospect has sparked as much controversy abroad as it has in the United States. Zlatica Hoke has more.
    Video

    Video Drawings by Children in Hiroshima Show Hope and Peace

    On Friday, President Barack Obama will visit Hiroshima, Japan, the first American president to do so while in office. In August 1945, the United States dropped an atomic bomb on the city to force Japan's surrender in World War II. Although their city lay in ruins, some Hiroshima schoolchildren drew pictures of hope and peace. The former students and their drawings are now part of a documentary called “Pictures from a Hiroshima Schoolyard.” VOA's Deborah Block has the story.
    Video

    Video Vietnamese Rapper Performs for Obama

    A prominent young Vietnamese artist told President Obama said she faced roadblocks as a woman rapper, and asked the president about government support for the arts. He asked her to rap, and he even offered to provide a base beat for her. Watch what happened.
    Video

    Video Roots Run Deep for Tunisia's Dwindling Jewish Community

    This week, hundreds of Jewish pilgrims are defying terrorist threats to celebrate an ancient religious festival on the Tunisian island of Djerba. The festivities cast a spotlight on North Africa's once-vibrant Jewish population that has all but died out in recent decades. Despite rising threats of militant Islam and the country's battered economy, one of the Arab world's last Jewish communities is staying put and nurturing a new generation. VOA’s Lisa Bryant reports.
    Video

    Video Meet Your New Co-Worker: The Robot

    Increasing numbers of robots are joining the workforce, as companies scale back and more processes become automated. The latest robots are flexible and collaborative, built to work alongside humans as opposed to replacing them. VOA’s Tina Trinh looks at the next generation of automated employees helping out their human colleagues.
    Video

    Video Wheelchair Technology in Tune With Times

    Technologies for the disabled, including wheelchair technology, are advancing just as quickly as everything else in the digital age. Two new advances in wheelchairs offer improved control and a more comfortable fit. VOA's George Putic reports.
    Video

    Video Baby Boxes Offer Safe Haven for Unwanted Children

    No one knows exactly how many babies are abandoned worldwide each year. The statistic is a difficult one to determine because it is illegal in most places. Therefore unwanted babies are often hidden and left to die. But as Erika Celeste reports from Woodburn, Indiana, a new program hopes to make surrendering infants safer for everyone.
    Video

    Video California Celebration Showcases Local Wines, Balloons

    Communities in the U.S. often hold festivals to show what makes them special. In California, for example, farmers near Fresno celebrate their figs and those around Gilmore showcase their garlic. Mike O'Sullivan reports that the wine-producing region of Temecula offers local vintages in an annual festival where rides on hot-air balloons add to the excitement.
    Video

    Video US Elementary School Offers Living Science Lessons

    Zero is not a good score on a test at school. But Discovery Elementary is proud of its “net zero” rating. Net zero describes a building in which the amount of energy provided by on-site renewable sources equals the amount of energy the building uses. As Faiza Elmasry tells us, the innovative features in the building turn the school into a teaching tool, where kids can't help but learn about science and sustainability. Faith Lapidus narrates.

    Special Report

    Adrift The Invisible African Diaspora