The GSM network, known as the “normal” mobile phone network, accounts for 80% of the global mobile market and is used by 4 billion phones worldwide.
Recently, a new cell phones vulnerability have been demonstrated by Karsten Nohl, head of Germany’s Security Research Labs, which shows that any phone on any GSM network is vulnerable to attack.
The new attack – which Karsten Nohl did not publish – allows hackers to control hundreds of thousands of mobile phones at once.
The attack allows hackers complete control over the handsets, and could be used to make or send texts to premium phone and messaging services – a typical fraudster attack which can leave victims with enormous bills.
Karsten Nohl said that although he refused to lay out details of how the attack worked, it was inevitable that hackers would reproduce it “within weeks”.
“We can do it to hundreds of thousands of phones in a short timeframe,” Karsten Nohl said in advance of a presentation at a hacking convention in Berlin on Tuesday.
Security Research Labs said: “GSM telephony is the world’s most popular communication technology – connecting over four billion devices.”
“The security standards for voice and text messaging date back to 1990 and have never been overhauled.”
Similar attacks against a small number of smartphones have been done before, but the new attack could expose any cellphone using GSM technology.
Such attacks are fairly common against corporate phone systems.
Fraudsters make calls to the numbers from hacked business phone systems or mobile phones, then collect their cash and move on before the activity is identified.
The cell phone users typically don’t identify the problem until after they receive their bills and telecommunications carriers often end up footing at least some of the costs.
Even though Karsten Nohl will not present details of attack at the conference, he said hackers will usually replicate the code needed for attacks within a few weeks.