Alleged vulnerability exploited to hijack phone numbers

May 25, 2009 10:58 GMT

Ultrascan AGI, an association specializing in international organized crime investigations, reports that cybercriminal gangs are looking to acquire discontinued Nokia 1100 phones, which were manufactured in Bochum, Germany, for as much as $35,000. Informants say that a vulnerability in the phone's underlying software allows fraudsters to use other people's numbers.

Nokia 1100 was a highly successful low-cost phone model released by the giant mobile manufacturer back in 2003. Designed for developing markets and available for under $100, Nokia 1100 became the world's best-selling consumer electronics product in 2006, exceeding the 200-million-unit mark.

Ultrascan was alerted by police officials monitoring the black market to unusual transactions involving such phones. "Six months ago, out of the ordinary offers started to float around Internet fora and auction sites; prices started to rise above Nokia's official price of around 100 euro," the investigators explain. "In January this year, offers ranged from trading against iPods to 300 euro in cash. In the past two months prices ranged between 7.500 and 10.000 euro, but this week a Nokia 1100 was sold for 25.000 euro [$35,000]," they announce.

So, how does a very cheap phone end up being sold for $35,000? Apparently, it is not so much about the phone itself as about where it was made, more precisely in a now-closed Nokia factory near Bochum, in Germany. According to an Ultrascan informant, cybercriminal rings operating out of Morocco, Russia and Romania are able to hack the phones produced there and hijack Transaction Authentication Numbers (TANs) sent by banks in some countries via SMS.

Nokia officials note that the company is not aware of any vulnerability in the phone's software that would facilitate this, but the investigators strongly feel that they are on the right track. "We have received 3 German Nokia 1100 phones for testing. We have outsourced the testing of the phones, to be examined and tested to see if the TAN interception can be replicated," Ultrascan announced today.

If the information proves to be accurate, it would justify the high prices that fraudsters are willing to pay for the phones. TANs are one-time-use security codes generated by banks in countries such as Germany or Holland in order to confirm online transactions. Customers receive such random numbers via SMS and then have to enter them into a web form in order to prove that the transaction requests came from them.

This makes life very difficult for cybercriminals, even if they are sitting on a pile of valid banking details for people located in countries where TANs are common practice. Therefore, the ability to hijack someone's phone number long enough to receive the confirmation code after initiating an illegal transaction would be a vital advantage. Meanwhile, Ultrascan is expecting the results from the experts testing its sample phones by the end of the month.
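The SMS TAN flow described above, as an added example that is not from the article or from any bank's real implementation: the bank side issues a random code bound to one specific transaction, puts the transaction details into the SMS text so the customer can check them, and accepts the code only once and only within a short validity window. The 6-digit length, 5-minute lifetime, in-memory store and the stubbed SMS text are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time

TAN_TTL_SECONDS = 300  # assumed 5-minute validity window


class TanService:
    """Issues and verifies single-use SMS TANs bound to one transaction."""

    def __init__(self, clock=time.time):
        self._clock = clock
        # tx_id -> (sha256 of tx-bound TAN, expiry timestamp, transaction summary)
        self._pending = {}

    @staticmethod
    def _digest(tx_id, summary, tan):
        # Hash the TAN together with the transaction it belongs to, so the stored
        # value is useless for any other transaction and the plain TAN is never kept.
        return hashlib.sha256(f"{tx_id}:{summary}:{tan}".encode()).hexdigest()

    def issue(self, tx_id, recipient, amount):
        """Generate a TAN for (recipient, amount); returns (tan, sms_text)."""
        tan = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, 6 digits, leading zeros kept
        summary = f"{recipient}:{amount}"
        self._pending[tx_id] = (
            self._digest(tx_id, summary, tan),
            self._clock() + TAN_TTL_SECONDS,
            summary,
        )
        # Transaction details in the message let the customer spot a tampered transfer.
        sms_text = f"TAN {tan} for transfer of {amount} to {recipient}. Valid 5 minutes."
        return tan, sms_text

    def verify(self, tx_id, recipient, amount, tan_entered):
        """True only if the TAN matches this exact transaction, is unexpired, and unused."""
        entry = self._pending.pop(tx_id, None)  # pop: one attempt, then the TAN is gone
        if entry is None:
            return False
        stored_hash, expires_at, summary = entry
        if self._clock() > expires_at:
            return False
        if summary != f"{recipient}:{amount}":
            return False  # TAN was issued for a different recipient/amount
        candidate = self._digest(tx_id, summary, tan_entered)
        return hmac.compare_digest(candidate, stored_hash)
```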