Cell phone hacking has been in the news lately. I was interested in knowing what the heck were they talking about. here is what I found. It should be more accurate to call “Voicemail hacking on the cellphone”. The idea is that someone is able to get into your voicemail box and listen to your voicemail messages. It can be easy in some cases. Following are some of the common ways of doing it. None of these hacks are unquie to cell phones, they will work against landline too.
Most cell phone providers have a fixed default pin for voicemail system. Most users never change the default. So the hack goes like this. you place two simultaneous call to your victim. One of them will go into the voicemail. you press ‘*’ to get to the voicemailbox. Try the default passwords. if the user has not changed the default you are in.
Most users use easy to guess pin. 1234, 4321 etc. hack is same as “1” above.
Calling the voicemailbox from the associated number by default, doesnt ask for passwd. Its easy to spoof the calling number to be whatever you want. So attacker will spoof his number to be same as the victims and call his number.
Brute force : victims number were obtained through bribes, the voicemailbox number can similarly be obtained. 4 digit pin offers a really easy brute force crack, specially via automated diallers!
So how to protect ?
- Make pins required
- Do not leave voicemails around. delete them
- Use something like google voice (there are other providers with similar service), which allows to have electronic copies of your voicemail. delete the original. Its easy to replace the default voicemail to a different provider.
