Techno world

 

Mobile hacking – SMS & Call forging

It was bound to happen – they have hacked just about everything else. Now it’s the cell phones. Cellphone hacking has
just recently surfaced and been made public ever since some one did some cellular phone hacking on Paris Hilton’s cell
phone.This article will give you some information about what is going on out there and what you can do to better protect your
cell phone information.

What Does It Involve

The fact of someone hacking cell phone became public knowledge when Paris Hilton’s cell phone, along with  her
information was recently hacked. Unfortunately for her, all her celebrity friends and their phone numbers were also
placed on the Internet – resulting in a barrage of calls to each of them.
Cell phone hackers have apparently found a glitch in the way the chips are manufactured. The good news, though, is that
it only applies to the first generation models of cell phones that use the Global System for Mobile communications (GSM).
Another requirement is that the hacker must have physical access to the cell phone for at least three minutes – which is a
real good reason not to let it out of your sight. Currently, although the problem has been remedied (at least for now) in
the second and third generation phones, it seems that about 70% of existing cell phones fall within the first generation
category.
Another way that mobile phone hacking can take place is for a hacker to walk around an area with people that have cell
phones and a laptop that has cellphone hacker programs on it. Through an antenna, and a little patience, his computer
can literally pick up your cell phone data – if it is turned on. This is more applicable to cell phones that use Bluetooth
technology.

What Can A Hacker Do?
Surprisingly, there are quite a number of things that can be accomplished by the hacker. Depending on their intent here
are a few of them.
1. Steal Your Number :
Your phone number can be accessed and obtained by cellphone hacking. This allows them to make calls and have
it charged to your account.
2.Take Your Information :
Mobile hacking allows a hacker to contact your cell phone, without your knowledge, and to download your
addresses and other information you might have on your phone. Many hackers are not content to only get your
information. Some will even change all your phone numbers! Be sure to keep a backup of your information
somewhere. This particular technique is called Bluesnarfing.

Be Prepared for Cell Phone Hacks
1. Rob Your Money
Other options might use a particular buying feature called SMS. This refers to the fact that money can be taken
from your account and transferred into another and a good hacker can sit in one place and access a lot of phones
and transfer a lot of money rather quickly – probably in less time than you think!
2.Give The System A Virus
By using another cell phone hack code, a hacker could kidnap your phone, send it a camouflaged program or send
it a virus. But it does not end there, since, from that point, he can use your phone to retransmit the virus to many
other phones almost instantly – potentially disabling the system.
3. Spy On You
A hacker can also gain access and take over for cell phone spying and remote mobile phone hacking. Literally,
once secured, the hacker can have the phone call him, and then be able to listen to all conversations going on
around the owner of the phone.
4. Access Your Voice Mails
Voice mails can also be retrieved by a hacker through a hacking cell phone. After stealing your number, this can
easily be done – if your password is disabled. The main thing that needs to be understood here, is that the
electronics that give you the modern convenience of interacting with the Internet (getting your voice mails,
emails, Web surfing, etc.) , is also the same technology that allows you to receive the same ills as can befall
someone on the Internet.
What Can You Do?
It seems that the major cell phone companies, at least at this point, really are not interested in bringing the system up to
be able to cope with this threat. Meetings are starting to take place, but for now it is not perceived to be real serious. This
could be because it is primarily the older phones that are most susceptible to some types of this mobile hacking.
Until the cell phone manufacturers are able to cope with, or eliminate, the glitches in the system that allows them to
overcome these problems, you will largely have to help yourself to cope with these things. Here are a couple of tips that
will help you protect your cell phone, its information, and other things.
1. Use Your Passwords
The cell phone companies tell us that many people have turned off their passwords when they access their voice
mail messages, or other things. This little feature, though it may seem to be an annoyance to some, could protect
your phone from unauthorized purposes.
2. Leave The Phone Off
This one is obviously the harder choice, here, simply because most of us who have cell phones like to be reached
anytime and anywhere. Others do need to be reachable at all times.
3. Upgrade Your Phone
While this cannot guarantee that your phone is not hackable, it certainly will help. It should be remembered that
the phone companies work hard to deliver the best technology and conveniences – but the cell phone hacks work
just as hard to be the first to break the systems designed to defeat them. It is an ongoing battle.
Cellular phone hacking, for now, is a fact of life that affects a few of us. Gladly, the numbers are still small, but
many feel this problem is just getting started. By being aware of the problems, you can wisely take steps to
prevent them from happening to you. Cellphone hacking does not need to catch you unprepared.

Call Spoofing / Forging

• Call forging is method to spoof caller id number displayed on the mobile phone/landline.
• It relies on VoIP (Voice over Internet Protocol)
• VoIP is emerging & exciting innovation as far as Information & communication technology is concerned.
• Can be considered as GEN Next Cyber Crime.
About Caller Id Forging/Spoofing
Caller ID Forging the practice of causing the telephone network to display a number on the recipient’s caller ID display
which is not that of the actual originating station; the term is commonly used to describe situations in which the
motivation is considered nefarious by the speaker. Just as e-mail spoofing can make it appear that a message came from
any e-mail address the sender chooses, caller ID forging can make a call appear to have come from any phone number the
caller wishes. Because people are prone to assume a call is coming from the number (and hence, the associated person,
or persons), this can call the service’s value into question.
Basics of Call Forging

1. Firstly the voip is used to call via internet PC to a telephone.
2. In the Voip there is a loop hole which allow a intruder to spoof a call.
   3.There are many website on the net which provide the facility of the internet calling.
3. This website work as follows,first the call the source phone no then the destiation number and then bridge them
   togather.Here there is no authentication done by the website and server are normally located in US and so tracing of the
   intruder is not possible.Thus the intruder logs on to this server and gives a wrong source number and then place a call over internet
   which is actually a spoofed call which shows wrong identity.
   5.Also there a no laws regarding the call spoofing in India and so a intruder if gets traced is easily backed by the
   loophole of no laws for it, thus if you get calls from other numbers don,t trust it they may be spoofed calls.

SMS Forging
• SMS is one of the most popular means of communications.
• SMS Forging is the method to spoof sender id of SMS.
• One can send SMS to international Number from any number of sender’s choice.
• Facility to choose sender id upto 11 characters/name.
SMS ROUTING IN GSM

First of all the sender send the SMS via SMS gateway. The identity of the sender is attached to the SCCP packer of the
SMS. The SMS once reach the SMS gateway is routed to the destination Gateway and then to the receiver’s handset.
There are many ways by which we can send SMS to the SMS gateway.One of them is to use internet.
Now the concept of SMS forging lies in changing the SCCP packer which contains the sender information prior delivering
to the SMS gateway.The intruder can change the SCCP packet and can send that packet to any of the receiver as a spoofed SMS.
Some of the Website on the net also provide this facility.
0791 7283010010F5 040BC87238880900F1
0000993092516195800AE8329BFD4697D9.
07- Length of the SMSC information (in this case 7 octets)
91 – Type-of-address of the SMSC. (91 means international format of the phone number)
72 83 01 00 10 F5 – Service center number(in decimal semi-octets). The length of the phone number is odd (11), so a
trailing F has been added to form proper octets. The phone number of this service center is “+27381000015”.
04- First octet of this SMS-DELIVER message.

0B-Address-Length. Length of the sender number (0B hex = 11 dec)

C8-Type-of-address of the sender number
72 38 88 09 00 F1- Sender number (decimal semi-octets), with a trailing F.
• When SMS is sent using an application, it is routed through international gateways.
• Spoofing of Message Id(SDCCH/SCCP Info) take place at International gateway.
• Finally SMS is routed to destination SMS Center number.
• As there is no authentication system, it is sent to destination number with spoof ID.
Bluesnarfing

Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection, often between phones,
desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages. Bluesnarfing is much
more serious in relation to Bluejacking, although both exploit others’ Bluetooth connections without their knowledge.
Any device with its Bluetooth connection turned on and set to “discoverable” (able to be found by other Bluetooth
devices in range) can be attacked. By turning off this feature you can be protected from the possibility of being
Bluesnarfed. Since it is an invasion of privacy, Bluesnarfing is illegal in many countries.There are people who have predicted the doom of bluetooth tooth attacks like bluesnarfing. Their reasoning is that WiFi will eventually replace the need for bluetooth devices and without bluetooth, it make sense there will be no bluetooth attacks.
While convincing and logical, bluetooth have yet to be phased out long after WiFi is in use. In face, there are more and
more devices using bluetooth technology. The main reason: It’s free. Unlike wifi which is a overall network and you are
just a “user” in the network, you “own the network”. You can switch in on and off anytime you like, and you don’t have to
pay a cent. There is no logic for example to use wifi for connecting with your headset, but bluetooth fits that function
perfectly.In fact, this neglect on the importance of bluetooth has led to an added advantage to bluesnarfers. Because every is
concern about their wifi security, they neglect the fact that their short ranged network which is their bluetooth can easier
be hacked into for someone who is nearby or even far away but with the right equipment.
The reason why there is little  news about  bluesnarfing is that there is no good solution to the problem at the moment,
save for switching off your bluetooth device.So my advice is, be careful if you keep confidential information on your bluetooth devices.

We will learn about call forging and sms forging in the later posts.