|
|
|
|
|
|
by vectorEQ
2472 days ago
|
|
|
so many companies who offer these services since forever. verint, gamma, etc. etc. 1 or 2 binary sms sent and you have someones phone depending on your flavor of attack. sim card runs java. with sim pin you can even just send apdu requests to read its filesystem... don't know why now all of a sudden this is a hot topic. it's the whole design of the mobile infrastructure to be able to do this... just think about it:
if you clone someones phone via such method, and they get called, you get called. if you then pickup within ~1 second of them picking up, your speaker is enabled but microphone is disabled so they can't hear you snooping in on them.... that is by design. between carriers everything is unauthenticated, to enable this at global scale... by design. |
|
|