Cell number hacked? Very concerned

C

C@sparis

Well-Known Member
Joined
Sep 25, 2015
Messages
115
Reaction score
0
Hope this is the right thread.

Quick question pertaining to hacking of a cell phone number.
Went to a prominent place in Cape Town to watch a show. Got to go through security which involves going through a point for scanning, also all devices gets put in the relevant tray upon entering to be scanned.

Within minutes both me and a friend got a call from the same number asking questions involving our vehicles being for sale.
This being to much of a coincidence and hearing other people in the audience getting similar calls made me wonder.
Could there be a way that your cell phone number could be traced from passers by via some app or perhaps at a security check point?? Could bluetooth perhaps be used to record your number from your phone?

Thanks in advance.
 
C@sparis said:
Hope this is the right thread.

Quick question pertaining to hacking of a cell phone number.
Went to a prominent place in Cape Town to watch a show. Got to go through security which involves going through a point for scanning, also all devices gets put in the relevant tray upon entering to be scanned.

Within minutes both me and a friend got a call from the same number asking questions involving our vehicles being for sale.
This being to much of a coincidence and hearing other people in the audience getting similar calls made me wonder.
Could there be a way that your cell phone number could be traced from passers by via some app or perhaps at a security check point?? Could bluetooth perhaps be used to record your number from your phone?

Thanks in advance.
Click to expand...

Is your bluetooth on all the time?
 
Did you provide your cellphone number while booking tickets/attendance to the show? Do the organisers of the show have your contact details?
 
WireFree said:
Did you provide your cellphone number while booking tickets/attendance to the show? Do the organisers of the show have your contact details?
Click to expand...

In this case not at all - Was given tickets as a gift.
The other person involved had no bluetooth activated at all, and no WIFI
In my case my bluetooth and WIFI was on.
Both got the call within minutes
 
As an aside, if hackers get into the global SS7 system they can redirect any number anywhere else, without you knowing anything. The SS7 system is >30 years old and has zero authentication in its message and signal routing. It is the main mechanism used to manage the passing calls between approx 8000 telecommunications companies worldwide. It is one of the greatest vulnerabilities in planetary telecommunications.

Edit. Took a peek at the Wikipedia entry for SS7 and found this:

Wikipedia said:

Protocol security vulnerabilities

Several SS7 vulnerabilities that allow cell phone users to be secretly tracked were publicized in 2008.[13] In 2014, the media reported a protocol vulnerability of SS7 by which both government agencies and non-state actors can track the movements of cell phone users from virtually anywhere in the world with a success rate of approximately 70%.[14] In addition, eavesdropping is possible by using the protocol to forward calls and also facilitate decryption by requesting that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded.[15] Karsten Nohl (de) created a tool (SnoopSnitch) which can warn when certain SS7 attacks occur against a phone and detect IMSI-catchers.[16][17]

In February 2016, 30% of the network to the largest mobile operator in Norway, Telenor, became unstable due to "Unusual SS7 signalling from another European operator"[18][19]

In April 2016, US congressman Ted Lieu called for an oversight committee investigation, saying:


The applications for this vulnerability are seemingly limitless, from criminals monitoring individual targets to foreign entities conducting economic espionage on American companies to nation states monitoring US government officials. ... The vulnerability has serious ramifications not only for individual privacy, but also for American innovation, competitiveness and national security. Many innovations in digital security – such as multi-factor authentication using text messages – may be rendered useless.[20]

In May 2017 O2 Telefonica, a german mobile service provider, confirmed that cybercriminals had exploited SS7 vulnerabilities to bypass two-factor authentication (2FA) to do unauthorized withdrawals from users bank accounts. The criminals first infected the account holder's computers in an attempt to steal their bank account credentials and phone numbers. Then the attackers purchased access to a fake telecom provider and set-up a redirect for the victim's phone number to a handset controlled by them. Finally the attackers logged into victims' online bank accounts and requested for the money on the accounts to be withdrawn to accounts owned by the criminals. 2FA confirmation codes were routed to phone numbers controlled by the attackers and the criminals transferred the money out.[21]
Click to expand...

See more on the Telefonica hack earlier this year 2017. Intercepts 2FA and money drained. There's nothing you can do about it.
 
Last edited:
A question, what would be the requirement for a number hack? Yes there is sim swop, of which plagues many but a number hack seems/possibly a new way?

It certainly interesting, hopefully someone with security knowledge/expert can provide information.
 
What is the question here? Can an XRay machine skim your MSISDN?
 
calypso said:
What is the question here? Can an XRay machine skim your MSISDN?
Click to expand...

Ultimately the question is - Can somebody get my number by means of the above.. as you mention?
Can somebody get my number if both bluetooth and WIFI is on?
can somebody get my nubmer if both bluetooth and WIFI is off?

It's rather concerning if these methods are plausible. Could syndicates be stealing vehicles/ personal credentials in the manner?
 
C@sparis said:
Hope this is the right thread.

Quick question pertaining to hacking of a cell phone number.
Went to a prominent place in Cape Town to watch a show. Got to go through security which involves going through a point for scanning, also all devices gets put in the relevant tray upon entering to be scanned.

Within minutes both me and a friend got a call from the same number asking questions involving our vehicles being for sale.
This being to much of a coincidence and hearing other people in the audience getting similar calls made me wonder.
Could there be a way that your cell phone number could be traced from passers by via some app or perhaps at a security check point?? Could bluetooth perhaps be used to record your number from your phone?

Thanks in advance.
Click to expand...

Normally one would expect calls when you have something for sale :confused:
 
C@sparis said:
Ultimately the question is - Can somebody get my number by means of the above.. as you mention?
Can somebody get my number if both bluetooth and WIFI is on?
can somebody get my nubmer if both bluetooth and WIFI is off?

It's rather concerning if these methods are plausible. Could syndicates be stealing vehicles/ personal credentials in the manner?
Click to expand...
Bluetooth and WiFi have nothing to do with GSM, so I would say no, they can't be used directly to skim an Msisdn.

That being said, it's not hard to find someone's number.
 
backstreetboy said:
Normally one would expect calls when you have something for sale :confused:
Click to expand...

LOL - 100% right about that back street boy...:p
Sad thing I forgot to mention, therefore I opened myself for this type of abuse, is that upon starting the thread I should have mentioned that the car is/was not for sale and no sign stuck on the car stating that; nor any contact detail.
The friend who accompanied me was there with me, he had no car with him. Yet he was phoned with the same scam enquiring about his vehicle being for sale.

Being in such a big semi private high security area with this type of thing happening is rather concerning.
What are the limitations of these scammers and how far will they go to take what is not theirs.

Sad, sad, sad.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X