SMS networks risk attack

Flaws in the way some mobile-phone networks handle SMS signalling data could leave them open to a whole new range of attacks.

Share

Flaws in the way some mobile-phone networks handle SMS signalling data could leave them open to a whole new range of attacks.

At this week's Black Hat conference in Las Vegas, researchers Zane Lackey and Luis Miras will show how they were able to spoof SMS and MMS messages and falsify the signalling data that underlies these messages.

Neither researcher was able to comment for this story, but in a description of their talk, posted to the Black Hat Web site, they say that they plan to release SMS hacking tools and will demonstrate an iPhone-based application that can be used in several SMS attacks.

"SMS is also one of the only mobile phone attack surfaces which is on by default and requires almost no user interaction to be attacked," they say in their talk abstract.

The researchers were able to send SMS messages from one phone to another that contained configuration information that would normally originate only on the network's servers, according to a source familiar with the talk, who spoke on condition of anonymity because he was not authorised to speak on the matter.

The research details security flaws in the way some mobile networks communicate with the devices on the network. "Basically, they found that there is a way to bypass all of the source sender validation," the source said.

The iPhone tool, which runs on a jailbroken version of the device, lets them send SMS messages with data that should normally only be sent from the carrier network, the source said.