Fake GSM base station tricks target iPhones

[Josh]

While his Black Hat DC Conference demonstration was not flawless, a University of Luxembourg student on Wednesday did show that it's possible to trick iPhone users into joining a fake GSM network.

Ralf-Philipp Weinmann showed how to cobble together a laptop using open-source software OpenBTS and other low-cost gear to create a fake GSM transmitter base station to locate iPhones in order to send their owners a message. A number of iPhone users in the room expressed surprise that they had gotten a message asking them to join the network.

Weinmann, who is researching vulnerabilities in cellular networks, said that with the right equipment, the range for the rogue GSM station he built can be 35 kilometers.

More at source...

[Stoic Joker]

(see attachment in previous post)

While his Black Hat DC Conference demonstration was not flawless, a University of Luxembourg student on Wednesday did show that it's possible to trick iPhone users into joining a fake GSM network.

Ralf-Philipp Weinmann showed how to cobble together a laptop using open-source software OpenBTS and other low-cost gear to create a fake GSM transmitter base station to locate iPhones in order to send their owners a message. A number of iPhone users in the room expressed surprise that they had gotten a message asking them to join the network.

Weinmann, who is researching vulnerabilities in cellular networks, said that with the right equipment, the range for the rogue GSM station he built can be 35 kilometers.

More at source...

-Josh (January 20, 2011, 03:39 PM)

There were people at a hacking conference stupid enough to be carrying an iPhone?!? I thought they banned those things a long time ago because of their pathetic security...

[mwb1100]

There were people at a hacking conference stupid enough to be carrying an iPhone?!? I thought they banned those things a long time ago because of their pathetic security...

-Stoic Joker (January 20, 2011, 03:55 PM)

I wonder if the attack was really targeting something iPhone-specific. iPhones use an Infineon GSM chipset - I'd guess it (or a closely-related attack) would be effective against many Infineon-based phones.  Then again, I'm assuming that Infineon isn't exclusive to iPhone.

[Stoic Joker]

There were people at a hacking conference stupid enough to be carrying an iPhone?!? I thought they banned those things a long time ago because of their pathetic security...

-Stoic Joker (January 20, 2011, 03:55 PM)

I wonder if the attack was really targeting something iPhone-specific. iPhones use an Infineon GSM chipset - I'd guess it (or a closely-related attack) would be effective against many Infineon-based phones.  Then again, I'm assuming that Infineon isn't exclusive to iPhone.

-mwb1100 (January 20, 2011, 05:20 PM)

Ya know, I found that detail rather troubling also. But the article was very specific in singling out the iPhone.

Sure, I'm wearing my schadenfreude hat, but (to be honest) this very well could be an iceberg tip.