06/22/12

Telephone Networks & Traffic Analysis

Geo-positioning

Geo-positioning is the act of determining where an object is located. Different methods of positioning have dramatically different accuracy ranges. Cell phones can be positioned with several different techniques. Most cell phones today have GPS capabilities, which allows for positioning with around thirty meters of accuracy. Cell phones with WiFi can be positioned with WPS, or WiFi Positioning System, technology, which allows for accuracy of around ten meters. Cell phones can also be triangulated, which can result in accuracy of around one hundred meters.

Remotely positioning a target's phone can be accomplished by adversaries of all sorts. Federal agents in the USA are pushing for telecommunication companies to be required to keep geo-position records of cell phones. If this does not come to pass, they can obtain such records themselves by setting up their own antenna mesh networks. These networks can position phones using WPS or traditional cell signal triangulation. Agents can set up networks of WiFi antennas that analyze signal strength. When these signals are gathered by multiple antennas, the signal strength each antenna observes can be processed to determine the geospatial position of the cell phone the WiFi signals are coming from. This can also be used for positioning laptops, computers, PDAs or any other device that broadcasts a WiFi signal.

Agents can position phones without WiFi by analyzing cellular signals with a similar technique. They do not need the cell towers of the telecommunications provider; they can easily set up their own antennas. They do not need warrants to do this, nor will they likely need warrants to get positioning data directly from the telecommunication providers.

An adversary with the ability to gain unauthorized access to a cell phone, be they a hacker or an agent, can potentially remotely position a cell phone by using on-board GPS. Some telecommunication providers already keep geo-positioning records of cell phones; these databases are potentially for sale to data miners.

Cellular geo-positioning can be used for various attacks depending on the accuracy of the positioning system used. Most individuals carry their cell phone with them at all times, which allows a positioner to know the movements of a target over time. Passive attacks can be done by scanning massive collections of geo-positioning data for stereotypical patterns. It is widely known that law enforcement associates excessive traffic to a dwelling with drug dealing. This is a stereotypical pattern of low and mid level drug dealers: multiple individuals enter their homes, stay for a brief period of time and then leave.

If these individuals carry cell phones with them, this pattern can be detected passively with computers. There is no need for law enforcement to observe the stereotypical traffic patterns of drug dealing; a computer can analyze geo-positioning records of cell phones and detect this pattern with no adversarial human observation of the actual human traffic. The attack does not stop here. A mid or low level dealer often gets his drugs from a supplier before selling them to consumers. The adversary can scan the geo-positioning logs and use crowd reduction attacks to find which cell phones the suspected dealer's cell phone was near with regularity. Of course there will be many neutral third party cell phones near the dealer's cell phone over a given stretch of time, but by removing cell phones that are not near the dealer's cell phone with a pattern of frequency this chaff can be filtered out. Likely suppliers are what is left. By analyzing the geo-positioning information of the suspected suppliers' cell phones, characteristics of a supplier may show. For example, perhaps one of the suspected suppliers' geo-positioning information shows that he makes trips to a drug source state with a pattern of regularity.

The attack is still not done. By analyzing the geo-positioning records of the suspected supplier, the adversary can determine not only whom the supplier likely supplies, but also the geospatial location of where he makes his purchases. Perhaps his cell phone's geo-positioning records indicate that he has a pattern of going to a particular location in a drug source state before driving back to his home state. The location in the drug source state is likely the source of drugs, perhaps a grow house or the home of an importer.

This attack is not limited to going up a hierarchy of drug distribution; it can also go outwards. All of the dealers supplied by the supplier can have their geo-positioning records analyzed with a crowd reduction attack, and now all of the likely customers of each dealer are known. Simply by feeding all cell phone geo-positioning records into a super computer, the adversary can map out tremendous numbers of individuals involved with the drug trafficking business as well as their likely role in the networks they are involved with.

This is a threat to many drug supply networks that must be taken seriously. To get such results, positioning accuracy of cell phones must be pretty good. The less accurate the positioning records are, the less useful they are for network and traffic analysis. However, even with only one hundred meters of accuracy, a great deal can be learned about the suspected drug network nodes.

Protecting from geo-positioning attacks is simple. Do not carry a cell phone with you when you go to pick up drugs. Never sell drugs from a static location, this location can be quickly identified. Use different meet up spots to do deals. Do not carry a cell phone with you when you go to make a pick up from a supplier. Do not sell from where you produce.

Routing Information

Geo-positioning is not the only way to perform network analysis with cell phone networks. A more likely area of attack is in the actual communications routing. Telecommunications companies are able to see who you call and who calls you. Federal agents can get this information with no requirement for a warrant; as no communications are observed, it does not count as a wiretap by law. It is likely that federal and intelligence agents are already doing this sort of attack.

When a node is compromised (a person is busted with drugs), law enforcement can gather the call records of this node. A single compromised node will not give them much information about a network. After several nodes of a drug network are busted, the attack becomes more deadly. Crowd reduction attacks can be performed on the routing data of all the busted nodes. This will remove chaff, such as phone calls to family members and friends who are not involved with the drug trade, which will not have ties to many nodes of a drug network. The more nodes that are compromised, the clearer the picture of the drug network becomes to the adversary.

Stereotypical behaviors are also exhibited in drug phone calls. They tend to be short, and patterns of communications tend to fit into stereotyped frequency ranges. This information can be used to further the insight into a drug network, as well as to determine the likely roles of individual nodes. Even if phone calls are made from different locations every time, if the phone is the same the patterns can be detected.

This routing information will not be useful for evidence. There is nothing illegal with calling someone who is suspected of dealing drugs. There is a clear distinction between evidence and intelligence: intelligence leads to evidence. After a person is identified by telephone routing information as likely playing a given position in an identified drug network, physical surveillance can be done on this person. “Random” traffic stops can happen. This will likely lead to evidence.

Some groups attempt to minimize the risk of cell phone routing based traffic analysis by rotating through multiple disposable phones over a short period of time. This can be effective, but it may not be as effective as some people would like to think. The FBI has in the past identified individuals who use multiple throw away cell phones simply by analyzing data routed to the phones of those these people communicate with. If Alice has a pattern of calling Bob and Carrol, but she uses a new throw away cell phone every week, it will be of limited effectiveness, as her new phone can be identified simply by monitoring phones that route information to Bob and Carrol in the pattern known to be associated with Alice.

The best bet to avoid cell phone routing data leading to intelligence of your drug network is to never use cell phones in conjunction with your drug network activity. Cell phones are too prone to network analysis, even if new disposable phones are used over time. The only place a disposable cell phone has in your operations is for single time operations. A single time operation is where the cell phone is used for a single activity that is not part of a larger pattern of activity associated with other static nodes.

05/7/12

Will “China Mobile” Spy on U.S?

gAtO wAs- reading an article by Stan Abrams, a lawyer and professor in Beijing, China, titled “Will China Mobile Get Its U.S. License Approved?” – http://www.businessinsider.com/will-china-mobile-get-its-us-license-approved-2012-5. The FCC “Team Telecom” has all the power in this deal. This is simple: when a foreign owner wants to come into our telecom world, we want the DHS, DOJ, FBI and DoD to investigate them for backdoors into the infrastructure that no virus scan can detect, in the hardware and firmware….

This is a big deal. We gave the OK to China Telecom and China Unicom for similar licenses in 2002-03. Why the big deal now? Well, the last few years China has increased its attacks on U.S. companies, sucking in their IP (Intellectual Property). To top things off, Huawei just got turned down down-under in Australia when it sought to come into their telecom network. Once again, when you give access to our telecom network we are giving them the key to all our information. Now keep in mind that we still have over 60-70% of our government C&C (Command and Control) running on our public Internet pipelines. Back a few years ago China re-routed over 15% of all the Internet traffic thru their routers, while we developed a kill switch to isolate us from the rest of the world and do a reset. Anyway, the FCC has a lot of power that no one knows about; check out their liaison activities list below, it is quite interesting.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Okay, reality check time. I doubt that China Mobile would want the type of scrutiny that a court case would mandate, so I don’t expect a formal challenge to a rejection from “Team Telecom.” Certainly Beijing doesn’t want China Mobile to disclose to anyone what it is required by Chinese law to do with data on its networks (hint: government monitoring). Moreover, the U.S. national security apparatus certainly wouldn’t want to disclose what it knows to the “other side” (i.e. China). And at the end of the day, neither side wishes to disclose any of this to the general public.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

 

If they turn China Mobile down and it’s contested, it would be good to see what evidence the U.S. Government has to say “we believe this company is spying on us with these backdoors they put in”. Yeah, in an election year it’s going to get hot with China; if they play a bad boy I think Obama may have to show them what we can really do in cyber space -gAtO oUt

Reference:

FCC Homeland Security – Liaison Activities http://transition.fcc.gov/pshs/docs/liaison.pdf

Read more: http://www.chinahearsay.com/will-china-mobile-get-its-u-s-license-approved/#ixzz1uBhPIJEt

CodeName Tempest http://en.wikipedia.org/wiki/TEMPEST

12/28/11

Business Cell Phones Hacks Will Soar In 2012

gAtO sAy -In 2012 business information will be the main hacking victim, thru cell phones. IEEE says “it is likely to be C-suite executives exposing businesses to vulnerabilities” (CEO -Chief Executive Officer, CFO -Chief Financial Officer, COO -Chief Operations Officer). Yes, even CTOs (Chief Technology Officers) will get their cell phones hacked, and all kinds of IP (intellectual property), BI (business intelligence) and KM (knowledge management) will go out the door. The hacked information is a treasure to cyber criminals, the competition, international/national governments, hackers and script-kiddies.

GaTo sAiD bEfOrE -Why is this true? The public has been trained to recognize cyber-security threats associated with their PCs and laptops, but they do not see their smart phones as computers subject to the same threats. And in some ways those threats are even worse.

Research by IEEE Fellow Dr. Jeffrey Voas in the US has so far uncovered malware in more than 2,000 free smartphone apps. Voas says free, rogue applications like this will be the most common access-point for hackers over the next year.

Unlike on a PC, where web browsers often give plenty of warning about dodgy websites with warning lights and alerts, the screens on smart phones are too small to display this protection. These devices contain identifying information, potentially saved passwords, and authentication details, and are much more likely to be misplaced or stolen than other larger portable computing equipment.
It takes just one high or low level employee to download malware onto their phone and spread it to the organization's systems.

But the fun does not end here. You don’t really need to be a hacker to get the information needed to decide who to attack, just like in targeted spear phishing attacks.
Here are a few thoughts:


  • spoofed caller ID
  • low-tech approach of merely guessing someone’s four-digit voicemail PIN number or password
  • pretexting - professional imposters

Social engineering, if a person uses their cell phone to update Linkedin, Facebook or Twitter – “Send an enticing link via SMS, email, Twitter; if the target follows from their phone you’ve got a chance at using one of many remote exploits for iPhone and Android to install a rootkit,”

An attacker can join social media and start collecting friends; I’m sure there will be a wealth of information out there. Even indirectly, if you can get a friend of a friend of a friend you may be able to see your subject's SMS or cell phone updates.

Watch how you use your cell phones PEOPLE.

WiFi and VoIP hacking for personal and corporate data, and better still small mom & pop stores and small businesses: how much information does your local gas station or news stand have on you? They don’t have an IT department. VoIP can allow you to drive by phone phreaking along the back roads of suburbia near the subject's (target's) home address.
Android phones and iPhones re-sync phone book data, voicemail, text message logs, browser history, or anything covertly sent to you with your computer. Even your personal computer may have business information.
“Older versions of Android are easiest to hack,” – “Recent versions of iOS [are easy to hack] too, though both Apple and Google have been quick to release patches.”
If a rogue hacker were to hack into someone’s (your) voicemail, is there any way to detect the intrusion? Unfortunately, voicemail systems from the major carriers in the U.S. leave a lot to be desired. None that I’ve encountered offer any sort of access log. The best you can determine is whether or not a message has been listened to. Even then, if a hacker were to listen to and then delete a message, you’d have little way of knowing.”
Getting a person’s personal phone number to spoof could be accomplished by finding it in publicly available documents such as student listings, or these days, on social networking sites like Facebook. A bit of social engineering with real people who know or could access the number would accomplish the same thing

Your E-Mail is the KEY to cell phone hacking. It’s the closest thing to the skeleton key of the digital world. How about if your email is hacked and your password published? How about just a simple bad password? In the release of the hacked email from Stratfor there were 100 with “password” in them. How about the last four digits of your phone number, or 1-2-3-4, or publicly available information like your birthday,”

Data Breach Affects 50,000 people; 50,277 Credit Card Numbers, 44,188 Hashed Passwords, 47,680 E-Mail addresses.
personally identifiable information:
• 50,277 Unique Credit Card Numbers, of which 9,651 are NOT expired. Note: Many credit cards are re-issued, and many credit card processors do not check the expiration date. Consequently, more than 9,651 credit card holders may still be at risk.
• 86,594 Email addresses, of which 47,680 are unique.
• 27,537 Phone Numbers, of which 25,680 are unique.
• 44,188 Encrypted Passwords, of which roughly 50% could be easily cracked.
• 73.7% of decrypted passwords were weak
• 21.7% of decrypted passwords were medium strength
• 4.6% of decrypted passwords were strong
• Average decrypted password length: 7.1 Characters.
• 10% of decrypted passwords were less than 5 characters long.
• Only 4.8% of decrypted passwords were 10+ characters long.
• Presumably the remaining non-decrypted passwords were stronger than the decrypted subset.
• 13,973 of the addresses belonged to United States victims; the remainder belonged to individuals from around the world.
Cell Phone — Password retrieval mechanisms can be exploited; most security protocols send forgotten passwords to a person’s main email address. Every service in the world typically goes back to your email address. Your primary email password should be different than anything else you use, and it should be stronger than any other password you use.”
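
The guessable choices named above (the word “password”, the last four digits of a phone number, 1-2-3-4, a birthday, and a primary email password shared with other services) can be checked mechanically before an attacker tries them. The following is an added example, not code from the original post; the function names, the length thresholds and the sample accounts are assumptions constructed for illustration.

```python
"""Audit a voicemail PIN and a primary email password against the guessable
choices named in the text. All accounts below are constructed sample data."""
import re
from datetime import date


def _is_run(d):
    """True for repeated or stepwise digit runs such as 0000, 1234 or 9876."""
    steps = {(int(b) - int(a)) % 10 for a, b in zip(d, d[1:])}
    return steps in ({0}, {1}, {9})


def _birthday_forms(born):
    """Digit strings commonly derived from a birth date."""
    mm, dd, yyyy = f"{born.month:02d}", f"{born.day:02d}", f"{born.year:04d}"
    yy = yyyy[2:]
    return {mm + dd, dd + mm, yyyy, mm + dd + yy, dd + mm + yy,
            mm + dd + yyyy, dd + mm + yyyy, yyyy + mm + dd}


def audit_secret(secret, phone, born, min_length):
    """Return the reasons a PIN or password is guessable (empty list if none)."""
    findings = []
    if len(secret) < min_length:
        findings.append("too-short")
    if "password" in secret.lower():
        findings.append("contains-password")
    last4 = re.sub(r"\D", "", phone)[-4:]
    if len(last4) == 4 and last4 in secret:
        findings.append("from-phone-number")
    if any(_is_run(m) for m in re.findall(r"\d{4,}", secret)):
        findings.append("digit-run")
    if any(form in secret for form in _birthday_forms(born)):
        findings.append("from-birthday")
    return findings


def audit_account(account, min_pin=6, min_password=10):
    """Audit both secrets of one account. The thresholds are assumptions:
    the text only notes that four-digit PINs get guessed and that few of
    the cracked passwords were 10+ characters long."""
    args = (account["phone"], account["born"])
    report = {
        "voicemail_pin": audit_secret(account["voicemail_pin"], *args, min_pin),
        "email_password": audit_secret(account["email_password"], *args,
                                       min_password),
    }
    # The primary email password must not be shared with any other service,
    # because password resets for those services lead back to the mailbox.
    if account["email_password"] in account["other_passwords"]:
        report["email_password"].append("reused-elsewhere")
    return report


# Constructed sample accounts (fictional 555-01xx numbers, invented secrets).
SAMPLE_ACCOUNTS = {
    "exec-a": {"phone": "+1 555 010 0142", "born": date(1975, 7, 4),
               "voicemail_pin": "0142", "email_password": "password1",
               "other_passwords": ["password1", "hunter2hunter2"]},
    "exec-b": {"phone": "+1 555 010 0199", "born": date(1988, 12, 25),
               "voicemail_pin": "1234", "email_password": "Noel1988!xy",
               "other_passwords": ["Different-Horse-77"]},
    "exec-c": {"phone": "+1 555 010 0177", "born": date(1990, 3, 9),
               "voicemail_pin": "583920", "email_password": "c7#Lq9!vT2mz-Rk",
               "other_passwords": ["another-Unrelated-1x"]},
}


def run_audit(accounts=SAMPLE_ACCOUNTS):
    """Audit every account and return {name: report}."""
    return {name: audit_account(acct) for name, acct in accounts.items()}


if __name__ == "__main__":
    for name, report in run_audit().items():
        print(name, report)
```

An empty list for both secrets means none of the checks fired; it does not mean the secret is strong against offline cracking.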

Ubiquitous computing, of which our smartphones and tablets are but just the beginning, is going to require that we shift our paradigms of privacy and security in profound ways. This isn’t just the responsibility of the average Joe user, however.  We need to be demanding that our mobile service providers aggressively protect our privacy and keep the bar high for device security. In the meantime, to avoid becoming phone hacking victims, users should take extra precautions to regularly reset their PIN numbers to protect their data — just as we’re engrained to do with our computers and online accounts.
It’s not unreasonable to project that [phone hacking] will become more common; as more of our important data finds its way into the cloud, those seeking to exploit that data will seek the weakest point of entry. Your cell phone can talk to a cloud service, so think about it. One exploit ran an application on the attacked phone that could retrieve data. The SMS came back with the attack phone’s INSI number; the phone’s unique ID. However, the application could just as easily have stolen a contact list, either personal or corporate. It is also possible in this scenario to push viruses to the device or even initiate a denial of service attack. The app could easily uncheck SSL, leaving the device vulnerable with no encryption when you login at your local coffee shop. These kinds of hacks are unique to smartphones because PCs don’t have SMS capabilities. gAtO advised that all smartphones under an organization’s control be tightly monitored, patched and updated regularly to avoid users taking matters into their own hands… - gAtO oUt

References:
IEEE Experts Predict Smartphone Hacking Will Soar in 2012

http://www.prnewswire.com/news-releases/ieee-experts-predict-smartphone-hacking-will-soar-in-2012-134658373.html

http://uscyberlabs.com/blog/2011/12/28/stratfor-hack-personal-identifiable-information/

http://www.cellphonehacks.com/

http://en.wikipedia.org/wiki/Phishing

http://en.wikipedia.org/wiki/Corporate_title

http://www.cisco.com/en/US/products/csa/cisco-sa-20050412-icmp.html

http://www.google.com/search?client=safari&rls=en&q=midnight+raid+attack&ie=UTF-8&oe=UTF-8

http://www.privateline.com/mt_cellbasics/index.html

12/21/11

2012 Security Predictions -Smartphone Danger for Corporate World.

gAtO hEaR- Agiliance and Cisco both predict that smartphones (cell phones) will be the big news for 2012 as related to cyber security hacks and attacks. Mobile devices are the biggest-selling terminal devices that people use to communicate via cyberspace. Look at the power they gave the “Arab Spring” and others. The problem is that smartphones raise a lot of issues around personal versus company ownership that companies need to address. Delineation of employer-owned versus employee-owned data in the workplace will become a major step that companies do not yet understand. Who owns the data on my personal smartphone if I use it to conduct business? Who makes sure that, if I lose my cell phone, all company data is encrypted and meets regulatory standards?


Cell phones have no embedded strong authentication or secure mobile operating systems. Does my company do vulnerability scanning on my phone to find the newest viruses, or is it up to the individual to make sure virus scanning is up to date? On top of all these problems are social networks that are being accessed via these mobile devices. In social networks, confidential information about work or a project can give the competition an edge. With all the new phone apps, is it the employee’s job to notice that the new “angry bird” may have access to call others and send them geo-location, or that it sends out all the business contacts in the address book that you sync with the office calendar and corporate email?

Mobile devices will make a big change as companies figure out that their employees’ phones have company IP (intellectual property), BI (business intelligence) and KM (knowledge management), and the question of who owns the phone and who owns the data will become a big deal for HR departments worldwide. Smartphones need better security since they are used in business transactions every day.

Strong authentication for mobile devices is non-existent. How about the ability to scan employees’ phones for viruses and trojans that can infect your company’s data center? Remember, the employee normally owns the phone, so the legality of using personal mobile devices and the security of the company data may need regulatory actions to mitigate compliance. So companies need to know who uses personal mobile devices at work.

If the mobile device is personal, your company may not be able to stop employees from using it on social media. Social media on these devices can allow confidential company information to be tweeted anywhere, even to the competition. Cyber criminals are cruising social networks for your company information for targeted phishing attacks, and mobile devices are very unsecured.

USCyberLabs.co will handle the other Big 2021 Security issues in future post.

gAtO oUt-

 

08/16/11

Hacking OK for News Corp

Clive Goodman, a former News of the World reporter, has alleged that there was a massive cover-up of phone hacking at the paper. So hacking for profit like cyber criminals is OK if you’re an international corporation. News media have rights above the normal citizen; when they abuse these rights and become common cyber criminals, they have the power, the influence and the connections, so nothing happens. This is outright cyber crime for profits, and they just posted new profits in their latest SEC filings.
We have news organizations ranting about Anonymous & other hacktivists, but as you follow News Corp and Fox News here in America it does not raise any problems. The Republican Party alignment with Fox News gives these corporations power to not get prosecuted. Meanwhile we go after 18-year-old hacktivist kids in mom & dad’s house because they show us that the security of a lot of companies is crap. Yes, I understand that they leak information about cops and other things, but a police department that goes online should have good security. Imagine if real cyber criminals were to hack police departments and modify documents in murder investigations or for money. Some may hack the police and get their case thrown out of court.
Corporations that hack for profit should be held accountable for their actions. News Corp just got caught, but imagine how many other hacks they have committed that no one knows about. I have the knowledge to hack someone but I have a moral backbone that tells me not to do it. Corporations with such powers should be watched more carefully and the security community should help, but if they do they may lose profits. They will gain more respect, and the short downturn will in the end mean more profits for companies that do the right thing, the ethical thing. Just because we can do something should not mean we should, and for profits that’s just wrong.
Look at what happened in San Francisco and BART. The police took it upon themselves to shut off communication just because they could. No crime was committed but they did it because someone thought about it. In the movie “Minority Report” criminals are caught before the crimes they commit. This sounds just like it.

The mind Police is here in America; be careful of what you think, you may be arrested for it.

My 2 cents – gatoMalo_at_uscyberlabs_dot_com

http://USCyberLabs.com/blog/

http://ChinaCyberWarfare.wordpress.com

http://HacktivistBlog.wordpress.com/

http://www.huffingtonpost.com/2011/08/16/phone-hacking-cover-up-news-of-the-world-clive-goodman_n_927939.html

07/20/11

A Legal Company is paying Hackers Legal Fees -

Murdoch Organization Still Paying Phone Hacker’s Legal Fees? Amazing

Telegraph:

Mr Murdoch said: “I asked the question myself and I was very surprised to find the company had made certain contributions to legal settlements.

“I don’t have all of the details around each of those – not legal settlements sorry, legal fees – I was surprised, I was very surprised to find out that had occurred.

“They were done, as I understand it, in accordance with legal counsel and their strong advice.”

Asked who signed the cheques, Rupert Murdoch said “it could have been” Les Hinton, head of News International at the time, or, alternatively, the chief legal officer.

It was put to the Murdochs that their company had been paying legal fees for Mulcaire, a “convicted felon” – a charge James Murdoch admitted.

He said: “I do know certain legal fees were paid for Mr Mulcaire by the company and I was as surprised and shocked to learn that as you are.”

But he denied the fees were paid to buy Mulcaire’s “cooperation and silence”, saying: “When the allegations came out I said: ‘Are we doing this? Is this what the company’s doing?’

“The strong (legal) advice was that from time to time it’s important and customary even to pay co-defendants’ legal fees.”

Read More Via -http://crooksandliars.com/karoli/murdoch-organization-still-paying-phone-hac
