Devastating mobile attack under spotlight

All mobile phones may be open to a simple but devastating attack that enables a third party to eavesdrop on any phone conversation, receive any and all SMS messages, and download the phone’s address book, Techworld.nl reports.

The attack, outlined by a German security expert, would amount to the largest ever breach of privacy for billions of mobile phone users across the world. But it remains uncertain exactly how easy and how widespread the problem could be thanks to a concerted effort by mobile operators to muddy the issue while they assess its extent.

The German expert claims he can reprogram a phone using a “service SMS” or “binary SMS” message, similar to those used by the phone operators to update software on the phone.

“I found this on a very old Siemens C45 phone, and then tried it on a Nokia E90 and a Qtek Windows Mobile 2005 phone. None of them authenticated the sender of the service SMS. We could not believe no one had found this possibility before us,” he said.

On all these phones, he was able to launch an example Trojan called “Rexspy”, which he says ran undetected. Rexspy copies all SMS messages to the attacker, and allows the attacker to eavesdrop on any phone conversation by instructing the phone to silently conference the attacker into every call.

The official response of the mobile phone operators when asked about the threat is that the attack is phoney.