Researchers show how to use mobiles to spy on people

Apr 22, 2010 by Lin Edwards report

(PhysOrg.com) -- Researchers have demonstrated how it is possible to use GSM (Global System for Mobile communications) data along with a few tools to track down a person’s mobile phone number and their location, and even listen in on calls and voicemail messages.

Independent researcher Nick DePetrillo and security consultant Don Bailey demonstrated their system at the SOURCE Boston security conference earlier this week. Using information from the GSM network they could identify a user’s location, and they showed how they could easily create dossiers on people’s lives and their behavior and business dealings. They also demonstrated how they were able to identify a government contractor for the US through analyzing phone numbers and caller IDs.

Bailey and DePetrillo’s demonstration showed up inherent weaknesses in the way mobile providers expose interfaces to each other to interoperate over the GSM infrastructure. They used the Home Location Registry (HLR) and GSM provider caller ID database, along with some of their own tools and voicemail-hacking techniques.

Their technique was to first obtain their victim’s mobile phone number from the ID database, and they used an open-source PBX program to automate phone calls to themselves, which triggered the system to force a name lookup. They could then associate the name information with the phone number in the caller ID database. Their next step was to match the phone number with the location using HLR, which logs the whereabouts of numbers to allow networks to hand calls off to each other. Individual phones are logged to a register of mobile switching centers within specific geographic regions. DePetrillo said he was even able to watch a phone number moving to a different mobile switching center, regardless of where in the world they were located.

The pair were even able to track a journalist who interviewed an informant in Serbia and then traveled back to Germany, and they also obtained the informant’s phone number. DePetrillo said it was also a simple matter to access voicemail without the phone ringing by making two almost simultaneous calls; the first disconnects before it is picked up, and the second goes into voicemail.

The researchers have not released details of the tools they developed, and have alerted the major GSM carriers about their results. Bailey said the carriers were “very concerned,” but mitigating these sorts of attacks would not be easy. In the meantime there is little mobile phone users can do to protect themselves short of turning off their phones. Indications of an attack might include the phone calling itself, or the phone suddenly calling someone by itself, but most attacks would produce no signs visible to the phone user.

DePetrillo said some of their research scared them, since they were able to track important people who were themselves protected by high security measures by tracking people close to them, such as congressional aides, who were not under high security. He also said the attacks they demonstrated could be made on corporations as well as individuals, and corporations would be well advised to look at the policies they have in place, especially for their executives.

Bailey said their system is not illegal and does not breach the terms of service.

Explore further: Hand out money with my mobile? I think I'm ready

Related Stories

Stop Big Brother listening in to your mobile phone conversation

Sep 27, 2004

A team of University of Surrey scientists led by Professor Ahmet Kondoz has developed new technology which will enable companies and organisations to ensure that their GSM mobile phone conversations are totally secure and confidential. Prev ...

Let freedom ring with Google Voice

Aug 05, 2009

With the exception of touch-tone phones, Caller ID and cell phones, talking on the phone hasn't changed a lot during the past few decades. That's a big reason why people are increasingly choosing to text, ...

GSM system about to be compromised

Dec 08, 2009

(PhysOrg.com) -- Research scientists in California and elsewhere are deliberately setting out to compromise the mobile phone system used by around three billion people. The system uses Global System for Mobile ...

Recommended for you

Hand out money with my mobile? I think I'm ready

16 hours ago

A service is soon to launch in the UK that will enable us to transfer money to other people using just their name and mobile number. Paym is being hailed as a revolution in banking because you can pay peopl ...

Quantenna promises 10-gigabit Wi-Fi by next year

Apr 16, 2014

(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...

Tech giants look to skies to spread Internet

Apr 16, 2014

The shortest path to the Internet for some remote corners of the world may be through the skies. That is the message from US tech giants seeking to spread the online gospel to hard-to-reach regions.

Wireless industry makes anti-theft commitment

Apr 16, 2014

A trade group for wireless providers said Tuesday that the biggest mobile device manufacturers and carriers will soon put anti-theft tools on the gadgets to try to deter rampant smartphone theft.

Dish Network denies wrongdoing in $2M settlement

Apr 15, 2014

The state attorney general's office says Dish Network Corp. will reimburse Washington state customers about $2 million for what it calls a deceptive surcharge, but the satellite TV provider denies any wrongdoing.

Netflix's Comcast deal improves quality of video

Apr 14, 2014

Netflix's videos are streaming through Comcast's Internet service at their highest speeds in the past 17 months now that Netflix is paying for a more direct connection to Comcast's network.

User comments : 9

Adjust slider to filter visible comments by rank

Display comments: newest first

LKD
not rated yet Apr 22, 2010
So much for any semblance of privacy.

Which will come first, the private companies fixing their system? Or the government mandating by law they do?
ThanderMAX
not rated yet Apr 22, 2010
We already trust GSM providers for confidentiality of HLR, don't we ?

[It's their duty to protect users identity]

Even as per GSM standard, sms is sent to all mobile towers and only the intended set receives the message , who's there to blame someone if someone bluntly accepts all sms sent through nearest towers.
Just like promiscuous mode in ethernet card :)
Expiorer
2.3 / 5 (3) Apr 22, 2010
this is made to be vulnerable - to watch us.
dustydude
4 / 5 (4) Apr 22, 2010
Yeah to watch you and your malevolent paranoia!
LuckyBrandon
not rated yet Apr 22, 2010
Does it really matter...the government (at least in the US) is already listening in on random cell phone calls....
The privacy you had on your cell phone went away back at the beginning of 2002...
CynthiaY29
not rated yet Apr 22, 2010
This isn't new, just an old story revamped.
baudrunner
not rated yet Apr 22, 2010
You could partially defeat the system by turning off the GPS locator service on your phone. That way they would only be able to tell what cell you were in, but not at what specific location.
boldone894
5 / 5 (1) Apr 23, 2010
And don't forget to take the battery out
And don't forget to wear aluminium foil on your head so they can't track you by your brainwaves! :)

MikeLisanke
1 / 5 (1) May 01, 2010
Does it really matter...the government (at least in the US) is already listening in on random cell phone calls....
The privacy you had on your cell phone went away back at the beginning of 2002...


Not random cell phone calls, all calls, in every phone network, using high-speed voice recognition to do keyword searches of interest.

Public security must be maintained. ;-)

More news stories

Venture investments jump to $9.5B in 1Q

Funding for U.S. startup companies soared 57 percent in the first quarter to a level not seen since 2001, as venture capitalists piled more money into an increasing number of deals, according to a report due out Friday.

White House updating online privacy policy

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Scientists tether lionfish to Cayman reefs

Research done by U.S. scientists in the Cayman Islands suggests that native predators can be trained to gobble up invasive lionfish that colonize regional reefs and voraciously prey on juvenile marine creatures.

Leeches help save woman's ear after pit bull mauling

(HealthDay)—A pit bull attack in July 2013 left a 19-year-old woman with her left ear ripped from her head, leaving an open wound. After preserving the ear, the surgical team started with a reconnection ...