A new flaw in the GSM (Global System for Mobile Communications) cellular network technology could potentially allow a hacker to gain control of a phone and force the device to send text messages or place phone calls. Criminals could use the exploit to send messages or make the calls to expensive premium phone services, lining their pockets with cash and leaving phone owners to foot the bill.
GSM technology is used by billions of people worldwide and is said to represent about 80 percent of the global mobile market according to Reuters. The latest vulnerability was discovered by Karsten Nohl, head of Germany’s Security Research Labs. Nohl says that his team can perform the attack on hundreds of thousands of phones in a short timeframe.
Nohl will be speaking at a hacking convention in Berlin on Tuesday. Although he isn’t planning to present details of the attack at the show, he notes that the code will likely be replicated within a few weeks.
Similar attacks have been waged on landline phone systems in the past. Hackers will set up bogus 900-type numbers in Africa, Asia and Easter Europe then force thousands of phones to call the numbers, charging ridiculous fees to the phone provider who then passes them on to the owner of the line. Users usually don’t even notice any fraudulent activity until they receive their bill. By that time, the hacker has shut down shop and set up a new operation somewhere else.