Any GSM Phone Vulnerable to New Scam: Report
A well-known expert on mobile phone security says a vulnerability in a widely used wireless technology could allow hackers to gain remote control of phones, instructing them to send text messages or make calls.
They could use the vulnerability in the GSM network technology, which is used by billions of people in about 80 percent of the global mobile market, to make calls or send texts to expensive, premium phone and messaging services in scams, said Karsten Nohl, head of Germany's Security Research Labs.
Similar attacks against a small number of smartphones have been done before, but the new attack could expose any cellphone using GSM technology.
"We can do it to hundreds of thousands of phones in a short timeframe," Nohl told Reuters in advance of a presentation at a hacking convention in Berlin on Tuesday.
Attacks on corporate landline phone systems are fairly common, often involving bogus premium-service phone lines that hackers set up across Eastern Europe, Africa and Asia. Fraudsters make calls to the numbers from hacked business phone systems or mobile phones, then collect their cash and move on before the activity is identified.
The phone users typically don't identify the problem until after they receive their bills and telecommunications carriers often end up footing at least some of the costs.
Even though Nohl will not present details of attack at the conference he said hackers will usually replicate the code needed for attacks within a few weeks.
(Reporting By Tarmo Virki; Additional reporting by Jim Finkle; Editing by Matt Driskill)