Your Phone is not secure, Your Call can be spoofed. Here’s How.

This article is only for educational Purpose

Only truly secure system is one that is powered off, cast in a block of concrete.

Well, This might sound like a Sci-Fi Movie but reading of sensitive e-mails and SMS to stealing of photos, tracking of location , spoofing your phone calls can be done, and you can be the target.

 

How hackers can take control over your Phone ?

The IMSI Catcher

Before I talk about the IMSI Catcher , I’ll introduce you to some buzzwords.
IMSI , International Mobile Subscriber Identity. This is a GSM unique identifier that defines a subscriber in the wireless world, including the country and mobile network to which the subscriber belongs.

ICCID , Integrated Circuit Card ID. This is the identifier of the actual SIM card itself – i.e. an identifier for the SIM chip. It is possible to change the information contained on a SIM (including the IMSI), but the identify of the SIM itself remains the same.

IMEI , International Mobile Equipment Identity and is a unique number given to every single mobile phone, typically found behind the battery.

Simply Put, IMSI catcher is a fake phone base station that tricks cell phones into routing their outbound calls through his device, allowing someone to intercept even encrypted calls in the clear.

Here’s a rough discussion on How was it done.

The concept is Simple, your mobile phone automatically tries to route its communications through the strongest signal from nearby phone base towers, and the IMSI Catcher satisfies this need by emitting the strongest signal.

What are some other ways how an attacker tries to gain control over your phone?

If you use P2P services, you might have seen ‘cracked’ premium apps. In that case, I’ll have you known 3 random ways that a attacker tries to gain access on your phone.
  1. A ‘cracked’ version of a premium app.
  2. Fake Ads/Tricking the user to download malicious app
  3. Uninstalling and installing the malicious version of the same app.
Vodafone In India provides M-PESA service for money transfer , But Security Researchers are able to compromise these systems.

So basically, The type of attacks possible here are only limited by the coding ability and creativity of the hacker.

So Do You think you are Secure? What are you using on your phone to keep yourself secure? Let Us know!