Security experts and hackers are playing with a SMS technique which allows the security experts to take over phones by sending a SMS. The security experts got a hold on the leaked papers which talk about a method which allows attackers to take over phones by sending a message to the phone. The papers that have been leaked by Edward Snowden did not disclose how the attack should be setup. The papers which got leaked in 2013, show how it is possible for the NSA to take over phones at modem level.
The security researcher Odd Helge Rosberg from Rosberg.com explained that this is a important clue, because hacking at modem level allows hackers to penetrate the mobile phones by malicious SMS messages.
Mobi Consulting replicated the NSA technique
The Mobi Consulting company in The Netherlands has replicated the mobile hacking technique from the NSA. They explain that they replicated the program to configure devices remotely. The malicious SMS attack works in the following way:
- Create fake SMS which explains that there is a update pending
- Send malicious ‘update’ SMS
- Victim opens SMS – internet gets configured by the malicious code
- Victim has been infected by malicious code
Phone encryption will not work
The malicious SMS attack is very simple as a lot of people will simply accept the update. It is not common that hackers will abuse mobile phones with these techniques. Once the device has been infected by the malicious SMS. The hacker will be able to control the microphone or the loudspeaker. If you think that you are safe by using encryption, you are wrong. This method allows the hackers to steal the information before it is encrypted.