Hacker builds $1,500 cell-phone tapping device

Aug 01, 2010 By JORDAN ROBERTSON , AP Technology Writer
In this July 30, 2010 photo, hacker Chris Paget sets up a long range RFID reading device at the DefCon hacker conference in Las Vegas. (AP Photo/Isaac Brekken)

(AP) -- A computer security researcher has built a device for just $1,500 that can intercept some kinds of cell phone calls and record everything that's said.

The attack Chris Paget showed Saturday illustrates weaknesses in GSM, one of the world's most widely used cellular communications technologies.

His attack was benign; he showed how he could intercept a few dozen calls made by fellow hackers in the audience for his talk at the DefCon conference here. But it illustrates that criminals could do the same thing for malicious purposes, and that consumers have few options for protecting themselves.

Paget said he hopes his research helps spur adoption of newer communications standards that are more secure.

"GSM is broken - it's just plain broken," he said.

GSM is considered 2G, or "second generation," cellular technology. Phones that run on the newer 3G and 4G standards aren't vulnerable to his attack.

If you're using an or other smart phone and the screen shows that your call is going over a , for example, you are protected. BlackBerry phones apply encryption to calls that foil the attack, Paget pointed out. But if you're using a type of phone that doesn't specify which type of network it uses, those phones are often vulnerable, Paget said.

Paget's device tricks nearby cell phones into believing it is a legitimate cell phone tower and routing their calls through it. Paget uses Internet-based calling technology to complete the calls and log everything that's said.

A caveat is that recipients see numbers on their Caller IDs that are different than the cell numbers of the people calling them. Paget claims it would be easy to upgrade the software to also include the callers' real numbers.

The device he built is an "IMSI catcher," which refers to the unique International Mobile Subscriber Identity numbers that phones use to identify themselves to .

Commercial versions of such devices have existed for decades and have mainly been used by law enforcement. Paget's work shows how cheaply hobbyists can make the devices using equipment found on the Internet.

"That's a significant change for research - it's a major breakthrough for everyone," said Don Bailey, a GSM expert with iSec Partners who wasn't involved in Paget's research.

Another security expert, Nicholas DePetrillo, said such devices haven't been built as cheaply in the past because the hardware makers have closely controlled who they sell to. Only recently has the necessary equipment become available cheaply online.

In the U.S., AT&T Inc. and T-Mobile USA are two cellular operators whose networks include GSM.

There are more than 3 billion GSM users and the technology is used in nearly three quarters of the world's markets, according to the GSM Association, an industry trade group.

In a statement, the group emphasized the hurdles to launching an attack like Paget's, such as the fact an attacker's base station would need to be physically close to the target and that only outgoing calls can be intercepted. Incoming calls are not vulnerable.

"The overall advice for GSM calls and fixed-line calls is the same: neither has ever offered a guarantee of secure communications," the group said. "The great majority of users will make calls with no reason to fear that anyone might be listening. However, users with especially high security requirements should consider adding extra, end-to-end security features over the top of both their fixed line calls and their mobile calls."

A representatives for AT&T had no comment. T-Mobile didn't immediately respond to e-mails Saturday from The Associated Press.

Paget had been debating dropping the demonstration from his talk, after federal authorities told him it might violate wiretapping laws. He went ahead with it after conferring with lawyers. He said he didn't believe he had broken any laws.

Explore further: Android gains in US, basic phones almost extinct

4 /5 (4 votes)
add to favorites email to friend print save as pdf

Related Stories

Researchers show how to use mobiles to spy on people

Apr 22, 2010

(PhysOrg.com) -- Researchers have demonstrated how it is possible to use GSM (Global System for Mobile communications) data along with a few tools to track down a person’s mobile phone number and their location, ...

Guide to breaking cell phone security revealed

Dec 30, 2009

(AP) -- A German security expert has raised the ire of the cell phone industry after he and a group of researchers posted online a how-to guide for cracking the encryption that keeps the calls of GSM-standard cell phone users ...

Stop Big Brother listening in to your mobile phone conversation

Sep 27, 2004

A team of University of Surrey scientists led by Professor Ahmet Kondoz has developed new technology which will enable companies and organisations to ensure that their GSM mobile phone conversations are totally secure and confidential. Prev ...

GSM system about to be compromised

Dec 08, 2009

(PhysOrg.com) -- Research scientists in California and elsewhere are deliberately setting out to compromise the mobile phone system used by around three billion people. The system uses Global System for Mobile ...

Recommended for you

Android gains in US, basic phones almost extinct

Apr 18, 2014

The Google Android platform grabbed the majority of mobile phones in the US market in early 2014, as consumers all but abandoned non-smartphone handsets, a survey showed Friday.

Hackathon team's GoogolPlex gives Siri extra powers

Apr 17, 2014

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 2

Adjust slider to filter visible comments by rank

Display comments: newest first

DickWilhelm
not rated yet Aug 02, 2010
Very nice demonstration, I should hope he doesn't get in trouble. This is free speech :/
Objectivist
not rated yet Aug 02, 2010
How is actively monitoring other peoples private phone calls free speech? I'm not saying he should get in trouble for it, but simply ranting "free speech" doesn't make it so.

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

A homemade solar lamp for developing countries

(Phys.org) —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...

Filipino tests negative for Middle East virus

A Filipino nurse who tested positive for the Middle East virus has been found free of infection in a subsequent examination after he returned home, Philippine health officials said Saturday.

Egypt archaeologists find ancient writer's tomb

Egypt's minister of antiquities says a team of Spanish archaeologists has discovered two tombs in the southern part of the country, one of them belonging to a writer and containing a trove of artifacts including reed pens ...