Dr.

Ajay Nagne 1

MOBILE HACKING
 Table of Contents
2

 Introduction
 Call Spoofing/forging

 SMS Forging

 Bluesnarfing

Dr. Ajay Nagne

 Overview of Mobile Devices
3

 Mobile computers:
– Mainly smartphones, tablets
 Sensors: GPS, camera,
accelerometer, etc.
 Computation: powerful
CPUs (≥ 1 GHz, multi-core)
 Communication:
cellular/4G, Wi-Fi, near field
communication (NFC), etc.
 Many connect to cellular
networks: billing system
 Cisco: 7 billion mobile
devices will have been sold
by 2012 [1]
Dr. Ajay Nagne
Organization
 History
4

 The fact of someone hacking cell phone

became public knowledge when Paris
Hilton's cell phone, along with her
information was recently hacked.
 Unfortunately for her, all her celebrity
friends and their phone numbers were
also placed on the Internet - resulting in
a barrage of calls to each of them.
Dr. Ajay Nagne
 What Can A Hacker Do?
5

 Steal Your Number

 Your phone number can be accessed and obtained by
cellphone hacking. This allows them to make calls and
have it charged to your account.
 Take Your Information
 Mobilehacking allows a hacker to contact your cell phone,
without your knowledge, and to download your addresses
and other information you might have on your phone.
Many hackers are not content to only get your
information. Some will even change all your phone
numbers! Be sure to keep a backup of your information
somewhere. This particular technique is called
Bluesnarfing. Dr. Ajay Nagne
 What Can A Hacker Do? Cont. . . .
6

 Rob Your Money

 Other options might use a particular buying feature
called SMS. This refers to the fact that money can be
taken from your account and transferred into
another and a good hacker can sit in one place and
access a lot of phones and transfer a lot of money
rather quickly - probably in less time than you
think!

Dr. Ajay Nagne

 What Can A Hacker Do? Cont. . . .
7

 Give The System A Virus

 By using another cell phone hack code, a hacker
could kidnap your phone, send it a camouflaged
program or send it a virus. But it does not end there,
since, from that point, he can use your phone to
retransmit the virus to many other phones almost
instantly - potentially disabling the system.

Dr. Ajay Nagne

 What Can A Hacker Do? Cont. . . .
8

 Spy On You
A hacker can also gain access and take over for cell
phone spying and remote mobile phone hacking.
Literally, once secured, the hacker can have the
phone call him, and then be able to listen to all
conversations going on around the owner of the
phone.

Dr. Ajay Nagne

 What Can A Hacker Do? Cont. . . .
9

 Access Your Voice Mails

 Voice mails can also be retrieved by a hacker
through a hacking cell phone. After stealing your
number, this can easily be done - if your password is
disabled. The main thing that needs to be
understood here, is that the electronics that give
you the modern convenience of interacting with the
Internet (getting your voice mails, emails, Web
surfing, etc.) , is also the same technology that
allows you to receive the same ills as can befall
someone on the Internet.

Dr. Ajay Nagne

 What Can we Do?
10

 Use Your Passwords

 The cell phone companies tell us that many people
have turned off their passwords when they access
their voice mail messages, or other things. This little
feature, though it may seem to be an annoyance to
some, could protect your phone from unauthorized
purposes.

Dr. Ajay Nagne

 What Can we Do? Cont. . . . .
11

 Upgrade Your Phone

 While this cannot guarantee that your phone is not
hackable, it certainly will help. It should be
remembered that the phone companies work hard
to deliver the best technology and conveniences -
but the cell phone hacks work just as hard to be the
first to break the systems designed to defeat them.
It is an ongoing battle.

Dr. Ajay Nagne

 Call Spoofing / Forging
12

 Call forging is method to spoof caller id

number displayed on the mobile
phone/landline.
 It relies on VoIP (Voice over Internet
Protocol)
 VoIP is emerging & exciting innovation as far

as Information & communication technology

is concerned.
 Can be considered as GEN Next Cyber Crime.
Dr. Ajay Nagne
 About Caller Id Forging/Spoofing
13

 Caller ID Forging the practice of causing the telephone

network to display a number on the recipient's caller ID
display which is not that of the actual originating station;
the term is commonly used to describe situations in
which the motivation is considered nefarious by the
speaker.
 Just as e-mail spoofing can make it appear that a
message came from any e-mail address the sender
chooses, caller ID forging can make a call appear to have
come from any phone number the caller wishes.
 Because people are prone to assume a call is coming
from the number (and hence, the associated person, or
persons), this can call the service's value into question.
Dr. Ajay Nagne
 Basics of Call Forging
14

 Firstly the voip is used to call via internet PC to a

telephone.
 In the Voip there is a loop hole which allow a intruder
to spoof a call.
 There are many website on the net which provide the
facility of the internet calling.
 This website work as follows, first the call the source
phone no then the destination number and then
bridge them together.
 Here there is no authentication done by the website
and server are normally located in US and so tracing
of the intruder is not possible.
Dr. Ajay Nagne
 Basics of Call Forging Cont. . . . .
15

 Thus the intruder logs on to this server and

gives a wrong source number and then place a
call over internet which is actually a spoofed call
which shows wrong identity.
 Also there a no laws regarding the call spoofing

in India and so a intruder if gets traced is easily

backed by the loophole of no laws for it.
 thus if you get calls from other numbers dont

trust it they may be spoofed calls.

Dr. Ajay Nagne
 SMS Forging
16

 SMS is one of the most popular means of

communications.
 SMS Forging is the method to spoof sender
id of SMS.
 One can send SMS to international Number

from any number of sender’s choice.

 Facility to choose sender id upto 11

characters/name.
Dr. Ajay Nagne
17

Bluesnarfing

Dr. Ajay Nagne

 Bluesnarfing
18

 Bluesnarfing is the theft of information from

a wireless device through a Bluetooth
connection, often between phones, desktops,
laptops, and PDAs.
 This allows access to a calendar, contact list,

emails and text messages.

 Bluesnarfing is much more serious in relation

to Bluejacking, although both exploit others’

Bluetooth connections without their
knowledge.
Dr. Ajay Nagne
 Bluesnarfing
19

 Any device with its Bluetooth connection

turned on and set to “discoverable” (able
to be found by other Bluetooth devices in
range) can be attacked.
 By turning off this feature you can be
protected from the possibility of being
Bluesnarfed.
 Since it is an invasion of privacy,
Bluesnarfing is still illegal in many
Dr. Ajay Nagne
countries.
 Bluesnarfing Cont. . . . .
20

 There are people who have predicted

the doom of bluetooth attacks like
bluesnarfing.
 Their reasoning is that WiFi will
eventually replace the need for
bluetooth devices and without
bluetooth, it make sense there will be no
bluetooth attacks.
Dr. Ajay Nagne
 Bluesnarfing Cont. . . . .
21

 While convincing and logical, bluetooth have yet to be

phased out long after WiFi is in use.
 In face, there are more and more devices using
bluetooth technology.
 The main reason: It's free. Unlike wifi which is a overall
network and you are just a "user" in the network, you
"own the network".
 You can switch in on and off anytime you like, and you
don't have to pay a cent.
 There is no logic for example to use wifi for connecting
with your headset, but bluetooth fits that function
perfectly. Dr. Ajay Nagne
 Bluesnarfing Cont. . . . .
22

 In fact, this neglect on the importance of bluetooth

has led to an added advantage to bluesnarfers.
 Because every is concern about their Wi-Fi security,
they neglect the fact that their short ranged network
which is their Bluetooth can easier be hacked into
for someone who is nearby or even far away but
with the right equipment.
 The reason why there is little news about
bluesnarfing is that there is no good solution to the
problem at the moment, save for switching off your
Bluetooth device. Dr. Ajay Nagne
 Bluetooth Networks
23

•
• Used to establish wireless personal area
networks (PAN)

• Creates small wireless networks on an ad-hoc

basis, known as piconets

• Typically contain a minimum of two and a

maximum of eight Bluetooth peer devices
Dr. Ajay Nagne
 Bluetooth Network Example
24

Dr. Ajay Nagne

 Piconets
25

• Two or more Bluetooth devices in close

physical proximity that operate on the same
channel

• One device acts as the master while the

others act as slaves

• An example is connection between a mobile

phone and a Bluetooth-enabled ear phone.
Dr. Ajay Nagne
 Piconet Example
26

Dr. Ajay Nagne

 Scatternets
27

• Two or more inter-connected piconets form a

scatternet

• Time Division Multiplexing allows scheduling

of nodes in multiple piconets to be active in
only one piconet at a time

• Could be used to expand the physical size of

the network beyond Bluetooth's limited
range Dr. Ajay Nagne
 Scatternet Example
28

Dr. Ajay Nagne

 Cellphone Bluetooth Vulnerabilities

 Bluesnarfing
 Stealing
contact lists, data, pictures on bluetooth
compatible smartphones
 Bluebugging
 Takingcontrol of a phone to make or listen to calls,
send or read text messages

Dr. Ajay Nagne 6-29

30

Thank You . . . . . !

Dr. Ajay Nagne