Recently, Reuters reported that two security experts, Tom Ritter and Doug DePerry, discovered that they were able to snoop on Verizon Mobile phone users with just mobile cell tower. These mobile cell towers, or femtocell to be specific, are a way to extend the wireless network to get more coverage where signal is weak. According to the hackers, the device, which mimics a real cell tower, can listen to phone calls, read text messages, and tap into the mobile data that is communicating with the mobile phone.
Though discovery is about a way to spy on people’s calls, Ritter said that the technique is not about how “the NSA would attack ordinary people” rather then it is a way for any regular person can attack other ordinary people.
As of right now, Verizon has updated the software on its signal-boosting devices to prevent this discovery from being put into practice. Even though the vulnerability has been patched, Tom Ritter said that hackers can still find ways to get into this device, or just about any mobile cell boosters, and convert it into a mobile spy station. Currently, Ritter and DePerry were able to still run the modified cell tower (even with the update) though has not disclosed on how they were able to convert the device, but expects to give more details at the annual Black Hat and Def Con conferences in Las Vegas in the coming months.
Even though Ritter and DePerry were able to hack the devices and change it for malicious uses under the CDMA spectrum, this is not the first time the device has been attacked. In the recent years, researchers in Europe have discovered security holes in other micro-cell towers (which runs on the GSM network). The most logical reason for a CDMA to not be discovered is due to the fact that the US is the only area which uses this technology.