Researcher Don Bailey of iSec Partners has been cataloging devices communicating through cellular networks for some time. Earlier this year he showed how simple devices designed to report your location can be spoofed, almost trivially, through text messaging. Now Bailey is back with a new presentation at next week's Black Hat USA, where he plans to show how car alarms can fall victim to similar attacks. Car alarms are vulnerable in part because they receive messages from a control server on Internet-ready cellular networks.Read More
In his talk last week, "A Million Little Tracking Devices: Turning Embedded Devices into Weapons," Don Bailey, a security researcher with iSEC Partners, demonstrated how he'd been in Boston, Afghanistan, Libya, and at the White House –all within the 24 hours proceeding the annual Hack In The Box conference in Amsterdam. Or so his tracking device said.
The device, Zoombak, is essentially a GSM module with a separate MicroController, said Bailey. If you want to find a particular Zoombak, the service sends a SMS over GSM with A5/2 encryption and then the device responds with its location via pure HTTP. Bailey said he was able to spoof the responses, and thus appear to have been in four or five countries within the previous 24 hours.Read More