Illustration of man-in-the-middle 2016 telegraph.co.uk
German security experts who are members of the Security Research Labs (SRL) just to show the world where hackers can spy on every human on Earth who has a telephone number. How to?
In an event at CBS, the team showed how they utilize an existing vulnerabilities in the mobile network world, the Signalling System Seven (SS7). Yes, by exploiting SS7, they can hack all kinds of smartphones.
As a demonstration, Karsten Nohl as one internet security experts SRL trying to spy on members of the House of Representatives iPhone California, USA, named Ted Lieu. Sure enough, just a phone number Ted Lieu capital, Nohl can break into the iPhone on the council.
As a result, Nohl can tap and record conversations, see isis Lieu contacts, read text, and even track the movements Lieu. Nohl even be aware of any phone numbers to dial Lieu.
Remember, because only the necessary phone numbers, Nohl or other hackers can exploit new number they get. Horrified not?
"Things do whatever Lieu, from chosing a safe, install a password, or to install security applications have no bearing on us. Because we attack the cellular network," said Nohl.
Ironically SS7 is in fact not a new thing, because this vulnerability was first reported in August 2015 ago. In addition, the SS7 protocol is a signal transmitter system that is now in use by 800 telecommunication companies in various countries.
Major countries in the world, such as America, United Kingdom, to Germany joined using SS7. The success of the action using a smartphone hacking vulnerabilities SS7 called up to the 70 percent.
How does the vulnerability SS7?
Basically the hacker exploit SS7 using man-in-the-middle alias piracy. First the hacker will forward all calls to a recording device online and then all calls were forwarded to the destination phone number.
Then they need to use another hacker tool that serves to record the activity of smartphone users. As for the location, hackers usually take advantage of Google Maps.
SS7 vulnerability has become common knowledge
Karsten Nohl said that if the vulnerability SS7 is actually an open secret among the spy agency world. Worse yet, there are no global rules governing SS7. The question is whether this vulnerability SS7 also threaten Indonesia?