Wednesday, January 9, 2013

Hacked Phones Could Be Listening To Everything You Say

Chris Dougherty, Contributor
Activist Post

Most people believe their phone conversations are private. Well, they may not be as private as you think if your office or home is filled with hacked phones.

Researchers at Columbia University have discovered a flaw in telephones that allows a hacker to turn a phone’s microphone into a sophisticated recording device. Using this flaw an attacker can eavesdrop on conversations remotely.

5th year PhD candidate Ang Cui and Columbia Professor Sal Stolfo discovered the flaw while working on a U.S. Defense Department grant for the Defense Advanced Research Projects Agency (DARPA). According to the researchers, they can remotely command a hacked phone to do anything they want.

For example, they say they can activate a webcam on a phone or instruct the phone’s LED light to remain off when the phone’s microphone has been activated. This way the eavesdropping victim won’t be alerted when their conversation is being recorded.
'On the dark side, these phones are sold worldwide,' Stolfo said. 'Any government that would like to peer into the private lives of citizens could use this. This is a great opportunity to create a low-cost surveillance system that is already deployed. It’s a monitoring infrastructure that’s free, when you turn these into listening posts.”'
Ang Cui, who works in the Intrusion Detection Systems Lab at Columbia University, gave a presentation on December 29th demonstrating the hack at the Chaos Communications Conference in Germany. The demonstration is appropriately titled “Hacking Cisco Phones: Just Because You Are Paranoid Doesn’t Mean Your Phone Isn’t Listening To Everything You Say”.


During the presentation Cui shows examples of Cisco phones used not only in companies and educational institutions, but also used in government and military applications.



Cui, has spent the last five years thinking about ways to defend embedded systems against exploitation. Last year he gave a detailed presentation describing a method to use a printer as a launching point to attack a corporate network. For the purpose of attacking a phone, he has created a little device called the th1ngp3wn3r (pronounced Thing Powner) kit. The researcher says this small gadget can be attached to a single Cisco IP phone and then used to turn an entire company’s network into a sophisticated bugging device within seconds.

Th1ngP3wn3r kit : Cisco Hacking Device – This small gadget can be attached to a single Cisco IP phone and then used to turn an entire company’s network into a sophisticated bugging device within seconds
Cisco acknowledged the flaw in a statement to NBC News, but wouldn’t say how many of its phones were impacted by the hack. However, Cisco announced in a December vulnerability report sent to paying customers that 15 models were affected.

The company appears to be working on a fix, but the researchers still consider the flaw to be very “dangerous.”

Chris Dougherty is a grey hat hacker and online security expert. Please visit his blog, www.VirtualThreat.com, for more excellent news and information about protecting yourself in cyberspace.


BE THE CHANGE! PLEASE SHARE THIS USING THE TOOLS BELOW


BE THE CHANGE! PLEASE SHARE THIS USING THE TOOLS BELOW

3 comments:

Anonymous said...

And yet, these people insist in paying for this intrusion in their privacy by having a cell phone in the first place.

A: They are deadly (brain cancer and the like)
B: Gov't spy device you are actually paying good money for violating your right to privacy.

Seriously, I would think one would have to pretty naive and possibly quite stupid to even have one of these devices.

Grown men texting, they look like little thirteen year old girls - a real manly man

Grow up and wake up America - take your country back!

Anonymous said...

This article was referring to desktop phones, not cell phones.

Anonymous said...

everyone here on this site at this very moment is being tracked whether it be the internet, cell phone, or land line phone. people would have to be living under a rock to not know this is going on.

Post a Comment