Search This Blog

Showing posts with label Mobile Vulnerability. Show all posts

Hackers Exploiting a Critical Weakness in Mobile Phones to Track Location



The interface designed for the usage of cell carriers is being exploited heavily by attackers. It allows the cell carriers to get in direct touch with the SIM cards inside subscribers' smartphones, the interface can be employed by the carriers for allowing subscribers to make use of the data stored on their SIM card to provide account balances along with other specialized services.

Hackers can secretly track the location of subscribers by exploiting the interface and giving commands to acquire the IMEI identification code of device; the Simjacker exploit further allows them to carry out actions such as making calls or sending messages.

According to the researchers at AdaptiveMobile Security, the working of the Simjacker exploit is not limited to a few devices, rather, it can be carried out on a wide range of mobile phones, irrespective of their software or hardware.

Unfolding the various aspects of the attack, Dan Guido, a mobile security expert and the CEO of security firm Trail of Bits told Ars, “This attack is platform-agnostic, affects nearly every phone, and there is little anyone except your cell carrier can do about it.”

While commenting on the issue, Karsten Nohl, the chief scientist at SRLabs, told Ars, “We could trigger the attack only on SIM cards with weak or non-existent signature algorithms, which happened to be many SIM cards at the time,”

 “AdaptiveMobile seems to have found a way in which the same attack works even if signatures are properly checked, which is a big step forward in attack research.” He added.

Israeli company says it can break into any iPhone — and can help law do the same

In a major win for US law enforcement, Israeli cyber forensics firm, Cellebrite, which is a major government contractor, claims to have found a way to break into any iPhone in the market. The company says that it can get around the security of devices running from iOS 5 to iOS 11.

The company is allegedly actively advertising to law enforcement and private forensics from across the globe.

This reportedly includes the iPhone X, which Forbes reported had been successfully breached by the Department of Homeland Security in November 2017 with suspected involvement of Cellebrite technology.

The reporter was able to dig up a warrant for the same, which notes that the department’s Cellebrite specialist performed a “forensic extraction” in December, although the exact method of unlocking the iPhone is not mentioned.

Apple has repeatedly refused to help law enforcement agencies break into iPhones, stating the need its customers’ privacy. This decision has often led to clashes between the two.

In the past, there have been various cases when law enforcement called upon Apple to provide a way to unlock the iPhones to access necessary information, even going so far as to obtain a court order to help disable to PIN feature. However, Apple has always refused.

If Cellebrite has indeed found a way to hack into iPhones, it could lead to a major change in their interactions.

80 Percentage of GSM Phones vulnerable to Remote access

Karsten Nohl,German Researcher have found a vulnerability in GSM mobile phones that allow hackers to gain the Remote access and instruct them to send SMS or make call.

"The GSMA and its mobile network operator members are confident in the security of existing 2G GSM networks and real attacks on real networks against real customers are most unlikely," it said in a statement, adding that newer technologies are safer and not impacted by the new research

Similar attacks against a small number of smartphones have been done before, but this new attack can affect any cellphone using GSM technology.

"We can do it to hundreds of thousands of phones in a short time frame," Nohl told Reuters ahead of a presentation on the topic at a hacking convention in Berlin on Tuesday.

Each GSM command is exactly 23 bytes long. In most cases, Nohl said that leaves room for carriers to send random data that makes messages harder to intercept. However, some messages use the full 23 bytes requiring a more sophisticated workaround to make things secure.

Researchers analyzed 32 operators in 11 countries(Austria, Belgium, the Czech Republic, France, Germany, Hungary, Italy, Morocco, Slovakia, Switzerland and Thailand) for this kind of vulnerability and protection. The result is Negative , Nohl says "None of the networks protects users very well".

Nohl said mobile telecom operators could easily improve their clients' security, in many cases by just updating their software.

"Mobile network is by far the weakest part of the mobile ecosystem, even when compared to a lot attacked Android or iOS devices," Nohl added.

SMS vulnerability in windows Phone allows hackers to diable the Message Hub


Single SMS can reboot the device and disable the Messaging Hub on Windows Phone 7.5 completely, reported in WinRumors. This vulnerability was discovered by Khaled Salameh and submitted to WinRumors on Monday
Windows Phone SMS Attack

Researchers tested the attack on a range of Windows Phone devices, including HTC’s TITAN and Samsung’s Focus Flash. Some devices were running the 7740 version of Windows Phone 7.5, others were on Mango RTM build 7720. The attack is not device specific and appears to be an issue with the way the Windows Phone messaging hub handles messages.

This attack can be launched by Sending a message from Facebook chat or Windows Live Messenger to the phone.

WinRumors and Salameh have reported the issue to Microsoft.

Bit9 Dirty Dozen Report highlights the most vulnerable Smartphones of 2011

Bit9 release yearly vulnerability report that highlights the most vulnerable Smartphones.  Usually Bit9 releases its annual Dirty Dozen report to highlight software vulnerabilities and the risks they pose to both consumers and corporations.  But this year they changed the topic to Smartphone as the usage of Smartphones is increasing. 

According to their report, Smartphones Manufacturers such as Samsung, HTC, Motorola, Sanyo, LG and SONY were slow to upgrade phones to the latest and most secure version of Android .  56% of Android phones in marketplace today are running out of date and insecure Android operating system software. This results in their device is being hacked.

"All operating systems have vulnerabilities," Svedlove(Bit9 Chief Technology Officer) points out, but it's how quickly and effectively software gets fixed that matters

The Not-So-Smartphones of 2011
  • Samsung Galaxy Mini
  • HTC Desire
  • Sony Ericsson Xperia X10
  • Sanyo Zio
  • HTC Wildfire
  • Samsung Epic 4G
  • LG Optimus S
  • Samsung Galaxy S
  • Motorola Droid X
  • LG Optimus One
  • Motorola Droid 2
  • HTC Evo 4G

To read the complete Bit9 Report of The Most Vulnerable Smartphones of 2011, click here.