Security researchers turn Verizon femtocell into spy tool
Security researchers Tom Ritter and Doug DePerry from iSEC Partners have discovered a glitch in femtocells from Verizon Wireless that allowed them snoop into text messages and phone calls on a compromised device.
Femtocells are essentially tiny cellphone towers used to improve mobile reception through a broadband connection. They can be purchased directly from Verizon (NYSE: VZ) for $250, and used models can be obtained online for as little as $150. Though a software update from Verizon has since closed the vulnerability uncovered by iSEC, the researchers say talented hackers may find other security holes in the femtocells offered by Verizon--as well as those of other carriers.
For now, the researchers plan to demonstrate their proof of concept system at the Black Hat and Def Con hacking conferences in Las Vegas. They also say a compromised femtocell could be "weaponized" by placing it in a backpack.
The Fierce Take: As I wrote last week, network devices are increasingly coming under attack. Every Internet-connected device has the potential to be hacked. For now, enterprises can tighten the screws on network appliances by keeping their firmware up-to-date and ensuring that they are configured correctly.
- check out this article at PC Magazine