s-SMARTPHONE-HACK-BASEBAND-large.jpg

People have known for some time now that agents from various government agencies can listen in on your conversations even if your phone is turned off. A new smartphone hack, that includes both Android and iPhone, also lets people listen in on your conversations. The auto-answer feature installed on most smartphones can be hacked to transform the phone into a listening machine, based on research by Ralf-Philipp Weinmann that shows a way hackers can break into the phone's baseband processor, which sends and receives radio signals on the cellular network, by exploiting bugs in the firmware of its radio chips. Though previous cell phone security concerns have focused on the operating systems, Weinmann's research represents a new kind of hack—‘baseband’ hacking, an approach that requires some complicated set-up to function. The would-be hacker creates a fake cell phone tower to get the targeted phone to connect with it, at which point the fake tower would be able to transmit the bad code. Moreover, that code must be capable of running on the firmware, representing another level of hacker know-how necessary to run the trick. Weinmann will unveil his hack, entitled ‘The Baseband Apocalypse’, at next month's Black Hat information security conference in Washington DC.


Zero