80 Percentage of GSM Phones Vulnerable to Remote Access

Karsten Nohl,German Researcher have found a vulnerability in GSM mobile phones that allow hackers to gain the Remote access and instruct them to send SMS or make call.
"The GSMA and its mobile network operator members are confident in the security of existing 2G GSM networks and real attacks on real networks against real customers are most unlikely," it said in a statement, adding that newer technologies are safer and not impacted by the new research.

Similar attacks against a small number of smartphones have been done before, but this new attack can affect any cellphone using GSM technology.

"We can do it to hundreds of thousands of phones in a short time frame," Nohl told Reuters ahead of a presentation on the topic at a hacking convention in Berlin on Tuesday.

Each GSM command is exactly 23 bytes long. In most cases, Nohl said that leaves room for carriers to send random data that makes messages harder to intercept. However, some messages use the full 23 bytes requiring a more sophisticated workaround to make things secure. 

Researchers analyzed 32 operators in 11 countries(Austria, Belgium, the Czech Republic, France, Germany, Hungary, Italy, Morocco, Slovakia, Switzerland and Thailand) for this kind of vulnerability and protection. The result is Negative , Nohl says "None of the networks protects users very well".

Nohl said mobile telecom operators could easily improve their clients' security, in many cases by just updating their software.

"Mobile network is by far the weakest part of the mobile ecosystem, even when compared to a lot attacked Android or iOS devices," Nohl added.

Do you have questions, comments, or suggestions? Feel free to post a comment! 

Subscribe to Saint Andrew's Paradise
Liked this post?

Subscribe to "Saint Andrew's Paradise" and get all new tricks, tools and regular updates to your inbox!


Share your views...

0 Respones to "80 Percentage of GSM Phones Vulnerable to Remote Access"

Post a Comment


About Me

Saint Andrew is a computer science student. Saint Andrew is a founder of the blog Saint Andrew's Hacking Paradise.

His mission and the aim of this blog is to make the reader aware of the existing threats and describe them in comprehensible way.

"Saint Andrew's Hacking Paradise" is a place to Learn, Understand and Explore the facts of computer technology.

You are always welcome to contact us to suggest ideas, tips, or to ask questions.

© 2011 Saint Andrew's Hacking Paradise

This blog run on iThesis Theme & hosted by Blogger