Hacker Intercepts GSM Phone Calls Using a Homemade $1,500 IMSI Catcher

Justin Kerr

Chris Paget made a name for himself back in 2009 when he exposed security vulnerabilities in RFID that allowed him to wirelessly download the contents of US passports from a parked car and he’s making headlines again by exposing serious problems in the GSM cellphone network. Using nothing more than an off the shelf laptop, and a pair of RF antennas he was able to successfully imitate an AT&T cellphone tower which allowed him to intercept and record phone calls . “As far as your cell phones are concerned, I'm now indistinguishable from AT&T,” he told a crowd at this year’s DefCon security conference.

The demonstration was supposed to highlight a major flaw in the 2G GSM system which automatically directs phones to the tower with the strongest signal, apparently without proper authentication. So far the system only works on outgoing calls, but is a pretty critical flaw in the most commonly used wireless technology in the world. "GSM is broken," Paget said, "The primary solution is to turn it off altogether." I’m willing to bet carriers will take his recommendation “under advisement”, but hopefully a more reasonable fix is possible with the existing hardware.

It is unknown at this point if similar vulnerabilities exist in CDMA, but for the time being anyway, it will be the last refuge for tin foil hat wearing propeller heads who need to keep their calls private at any cost.

Around the web