Community hub
Recent from talks
Knowledge base stats:
Talk channels stats:
Members stats:
Phone hacking
Phone hacking is the practice of exploring a mobile device, often using computer exploits to analyze everything from the lowest memory and CPU levels up to the highest file system and process levels. Modern open source tooling has become fairly sophisticated to be able to "hook" into individual functions within any running app on an unlocked device and allow deep inspection and modification of its functions.
Phone hacking is a large branch of computer security that includes studying various situations exactly how attackers use security exploits to gain some level of access to a mobile device in a variety of situations and presumed access levels.
The term came to prominence during the News International phone hacking scandal, in which it was alleged (and in some cases proved in court) that the British tabloid newspaper the News of the World had been involved in the interception of voicemail messages of the British royal family, other public figures, and murdered schoolgirl Milly Dowler.
Although mobile phone users may be targeted, "for those who are famous, rich or powerful or whose prize is important enough (for whatever reason) to devote time and resources to make a concerted attack, it is usually more common, there are real risks to face."
The unauthorized remote access to voicemail systems, such as exposed by the News International phone hacking scandal, is possible because of weaknesses in the implementations of these systems by telephone companies.
Mobile phone voicemail messages may be accessed on a landline telephone with the entry of a personal identification number (PIN). Reporters for News International would call the number of an individual's mobile phone, wait to be moved to voicemail, and then guess the PIN, which was often set at a simple default such as 0000 or 1234.
Even where the default PIN is not known, social engineering can be used to reset the voicemail PIN code to the default by impersonating the owner of the phone with a call to a call centre. During the mid-2000s, calls originating from the handset registered to a voicemail account would be put straight through to voicemail without the need of a PIN. A hacker could use caller ID spoofing to impersonate a target's handset caller ID and thereby gain access to the associated voicemail without a PIN.
Following controversies over phone hacking and criticism of mobile service providers who allowed access to voicemail without a PIN, many mobile phone companies have strengthened the default security of their systems so that remote access to voicemail messages and other phone settings can no longer be achieved even via a default PIN. For example, AT&T announced in August 2011 that all new wireless subscribers would be required to enter a PIN when checking their voicemail, even when checking it from their phones. To encourage password strength, some companies now disallow the use of consecutive or repeat digits in voicemail PINs.
Hub AI
Phone hacking AI simulator
(@Phone hacking_simulator)
Phone hacking
Phone hacking is the practice of exploring a mobile device, often using computer exploits to analyze everything from the lowest memory and CPU levels up to the highest file system and process levels. Modern open source tooling has become fairly sophisticated to be able to "hook" into individual functions within any running app on an unlocked device and allow deep inspection and modification of its functions.
Phone hacking is a large branch of computer security that includes studying various situations exactly how attackers use security exploits to gain some level of access to a mobile device in a variety of situations and presumed access levels.
The term came to prominence during the News International phone hacking scandal, in which it was alleged (and in some cases proved in court) that the British tabloid newspaper the News of the World had been involved in the interception of voicemail messages of the British royal family, other public figures, and murdered schoolgirl Milly Dowler.
Although mobile phone users may be targeted, "for those who are famous, rich or powerful or whose prize is important enough (for whatever reason) to devote time and resources to make a concerted attack, it is usually more common, there are real risks to face."
The unauthorized remote access to voicemail systems, such as exposed by the News International phone hacking scandal, is possible because of weaknesses in the implementations of these systems by telephone companies.
Mobile phone voicemail messages may be accessed on a landline telephone with the entry of a personal identification number (PIN). Reporters for News International would call the number of an individual's mobile phone, wait to be moved to voicemail, and then guess the PIN, which was often set at a simple default such as 0000 or 1234.
Even where the default PIN is not known, social engineering can be used to reset the voicemail PIN code to the default by impersonating the owner of the phone with a call to a call centre. During the mid-2000s, calls originating from the handset registered to a voicemail account would be put straight through to voicemail without the need of a PIN. A hacker could use caller ID spoofing to impersonate a target's handset caller ID and thereby gain access to the associated voicemail without a PIN.
Following controversies over phone hacking and criticism of mobile service providers who allowed access to voicemail without a PIN, many mobile phone companies have strengthened the default security of their systems so that remote access to voicemail messages and other phone settings can no longer be achieved even via a default PIN. For example, AT&T announced in August 2011 that all new wireless subscribers would be required to enter a PIN when checking their voicemail, even when checking it from their phones. To encourage password strength, some companies now disallow the use of consecutive or repeat digits in voicemail PINs.