Hacking ANY Smartphone is Far Easier Than Most People Realize

[dgstorm]

If this 60 Minutes episode is accurate, then the possibility of our smartphones getting hacked is far scarier than most people realize. According to the segment from 60 Minutes, smartphones are so easily hacked that you can be tracked, your personal and credit card information stolen, your texts can be read and even your phone calls can be monitored and recorded.

As an experiment for the show, CBS used a brand new Apple iPhone which was given to Representative Ted Lieu (D-Calif.). Then, while he used it as his daily driver, they gave the phone number to the researchers at Security Research Labs with instructions to hack into the device. To be clear, the only piece of info they were given was the phone number used on the handset.

With only that, the researchers were able to track the congressman's movements and intercept and record his phone calls. They were also able to listen in on both sides of a phone call made by the 60 Minutes reporter to the congressman.

When the folks at 60 Minutes asked the researchers which phone was safer, iPhone or Android, the response was "all phones are the same." The reason for this is because this hack used something called Signaling System 7 (SS7), which is a protocol used to connect phone carriers around the world. A vulnerability in that fundamental system is what gave the researchers complete access. The only bright lining is that knowledge of the SS7 flaw is not widespread, so the blackhats of the world are not taking advantage of it, yet.

This remote phone hacking wasn't the only example which was shared by the investigators at 60 Minutes. They also employed the services of Lookout co-founder John Hering, whose group was tasked with hacking into the reporter's handset in a hotel room in Las Vegas. Using a spoof hack of the hotel's Wi-Fi landing page, Hering's team cracked the reporter's handset in minutes, gaining full access to her email, credit card numbers and more.

Ultimately, it seems like the world of smartphones is far less secure than we think it is, although it's possible the 60 Minutes program paints an exaggerated picture of how bad things currently are. One thing's for sure, most likely we will see even more smartphone hacking crimes in the future. Luckily, we will also likely see more security companies rise to take on the challenge of changing that paradigm. What do you folks think? Is this something to be scared of, or do you have faith it will get worked out before you need to worry about it?

Source: CBS - 60 Minutes

 

[JohnnyApple]

If they are in fact hacking SS7, the ability to do this same thing has been present for decades. SS7 has been in use with land lines since I can remember. the AT&T 5ESS switch that is a common switch for entire towns uses it... and the 5E has been around since 1982.

It's a bit scarier that because of mobile they know your exact location at all times...

 

[scifan57]

And in the second incident, they're using a classic phishing attack to trick the user into giving access to the iPhone. In neither case did they break through any iPhone security measures. This report make iPhone security seem much weaker than it actually is.

 

[cereal killer]

Crazy..I actually watched this on Sunday. After Representative Ted Lieu saw how easy it was for them to gain access to his calls and listen in on everything he got visibly upset. He wasn't a happy camper at all.

I'm pretty jaded and always figured our smart phones weren't secure, so it came as no shock. They do need to do something to fix this problem.

 

[Agave]

Based upon some existing analytical companies, with their ability to track devices, what measures would the people of this website suggest to users to protect themselves?