In the end of 2008 Tobias Engel demonstrated how to find the whereabouts of mobile phones by tapping into mobile network databases. An independent researcher Nick DePetrillo from the Source Conference in Boston Wednesday, and Don Bailey of iSec Partners proved how with related techniques it is possible to find a person’s spot even when his number is unknown and to gather other details which most users assume are undetectable.

The information disclosure hack works by tricking the GSM caller ID system into assembling what amounts to a white pages directory of nearly every mobile phone number. In order to do that, the researchers DePetrillo and Bailey established a voice over IP account that included caller ID. Moreover, they called the account over and over by using enormous blocks of spoofed numbers and logged the caller ID production of each one by using an Asterisk server.

The cataloged lookup information let them to find individuals related to the numbers and vice versa. Furthermore, it disclosed huge pools of numbers that were part of private corporations and government agencies.

Nevertheless, DePetrillo and Bailey blocked the numbers they wanted to trace into the so-called HLR, or home location register. The database, and the larger SS7 protocol to which it belongs, in many respects is to mobile networks what TCP/IP is to the internet, allowing cellular carriers to place the position of a receiver so it can accept voice or text traffic.

The techniques develop functionality built into GSM networks to ensure the fact that calls can be routed dependably to an earpiece wherever in the world it’s situated. As such, it will be difficult to fix the revelation threat without breaking the networks.

For more information read the following article:

http://www.theregister.co.uk/2010/04/22/gsm_info_disclosure_hack/

The encryption algorithm(A5/1) of the gsm network is over 20 years old and can be hacked by non-professionals with relatively easy means in a short time. Nohl said that he and his helpers had successfully hacked the gsm-encryption algorithm in a distributed attack within three month and with 40 computers. The needed codebook with the rainbow tables is already distributed via file sharing networks. With this practical tutorial for hacking the gsm network the attacks will be considerably faster in the future.

Therefore the Chaos Computer Club asks for a stronger encryption of the gsm network from the industrial association GSMA. The GSMA denies this because they say that although hacking the gsm network is theoretically possible, it is practically improbable and the application of the presented method of hacking the gsm network is in many countries illegal.

This news is based on a german article which can be found here.

“We have everything, their databases, confidental documents, scripts and programs from their servers, financial documents up to 2009.”

Really quite worrying. If true, I am curious what is meant by ‘customer accounts’, Would that include ways to get to call records? Personally, I think the opportunities and increasing incentive to use mobile devices (or information about their use) for malicious activities scary.

T-Mobile is in denial: “There is no evidence customer data is compromised.”