This year’s Pwn2Own contest will play host to a new world of mobile phone hacking when security researcher Ralf-Philip Weinmann shares a new way of hacking a cellular device, writes ReadWriteWeb’s Sarah Perez.
The new hack uses a bug that is commonly found in chipsets from industry giants Qualcomm and Infineon Technologies. By setting up a fake or compromised cell tower, hackers can send malicious code to a target device that exploits vulnerabilities in the GSM/3GPP stacks on the hardware’s baseband CPUs. Interestingly, Weinmann will be showing the hack working on both iOS and Android platforms.
Until recently, the chances of someone taking the time to create a fake cell tower were slim due to the high costs involved. However, free software like OpenBTS now means towers can be created for as little as $2,000.
So does this mean we all need to panic as we tend to do with such security concerns? Not quite.
In order to carry out such an attack, the perpetrator would need in-depth knowledge of the chipsets. Thankfully that’s not something the vast majority of hackers possess.
Well, not yet anyway!