The Null Device

2009/4/22

Users of criminal hacking forums have apparently been offering ridiculous sums of money for one type of low-end mobile phone. Certain Nokia 1100 handsets, manufactured in Bochum, Germany, are said to have a firmware bug which allows them to be reprogrammed to use another user's phone number, and thus intercept text messages containing bank transaction authentication codes, which is why the going price for them has gone as high as €25,000. Nokia have denied knowing of either such a flaw or of the phones for going for more than €100.

Though if criminals want a handset that can bypass GSM network security and intercept other users' messages, surely there'd be cheaper ways to go about this. Given that criminal gangs somehow managed to compromise a Chinese factory that made point-of-sale terminals and "enhance" the terminals with GSM-based card skimmers, surely it wouldn't be so hard to get one of the numerous Chinese mobile phone manufacturers to intentionally weaken security in one of their units to allow it to be used to spoof numbers, and then buying up a few boxloads of them. Bonus points for getting one that looks almost like an iPhone.

(via Engadget) crime gibson's law hacks mobile phones scams tech 1