How Hackers Track Your Phone
Cell phones have become the most common way for people to communicate across the globe. As time goes on, they continue to become more and more advanced. At this point, you are holding a computer in your hands that just so happens to make phone calls. For many people, cell phones have replaced house phones as a means of communication at home. As of 2010, there are over 5 billion cell phone users all over the worlds. However, due to their wireless connectivity and mobility, cell phones are a big target forhackers. And hacking a cell phone may be easier for them than most people think.
Researchers based out of the University of Minnesota found a big flaw in the cell towers operated by phone service providers AT&T and T-Mobile which allows hackers to easily find the location of a person and their cell phone. According to a research paper, this flaw can be used for the determination of the location of a particular target. The general area of a location can be narrowed down to an area of less than a square kilometer. If a hacker is clever enough and is familiar with their target, they may even be able to pinpoint their target’s location to within a few feet.
Ph.D. student Denis Foo Kune released the following statement about cell phone tracking: “Cell phone towers have to track cell phone subscribers to provide service efficiently. For example, an incoming voice call requires the network to locate that device so it can allocate the appropriate resources to handle the call. Your cell phone network has to at least loosely track your phone within large regions in order to make it easy to find it.”
The researches at the University of Michigan explained their methods as follows: In order to match the codes to the cell phone number, researchers called the phone three times. The code that appeared three times in the same time period in which researchers were listening in is most likely the code of the cell phone. “From there we can use that I.D. to determine if you’re around a certain area or if you’re on a particular cell tower,” he said.
The process requires a feature cell phone and a laptop, running the open-source Osmocom GSM firmware and software respectively, along with a cable connecting the two devices. It also uses a separate cell phone and landline.
The attackers use the landline to call the target’s cell phone when it’s located near the same LAC as the equipment and use the laptop output to monitor the broadcasts that immediately follow over the airwaves to page the target phone.
The implications of this research highlight possible personal safety issues. The group explains their work in a recently presented at the 19th Annual Network & Distributed System Security Symposium and was titled “Location Leaks on the GSM Air Interface”. The group has also contacted AT&T and Nokia with some low-cost options that could be implemented without changing the hardware.