Attacking Gsm Base Stations And Mobile Phone Basebands presented at HITBSecConf Malaysia 2010

by The Grugq (COSEINC),

Tags: Mobile Security Security


Summary : Recent technological advances have placed GSM tools within the reach of today’s security researchers and hackers. It is finally possible to directly explore the lowest levels of the GSM stack.

This talk focuses on both sides of the GSM network where the users and network directly interact: the Um (air) interface. The primary technological focus of this talk is on the exposed interfaces between the GSM networks and users. This covers the base station system — the network components which communicate with mobile phones — and the base band — the component of the mobile phone which communicates with the network.

During the talk the two main components of the attack system will be demoed – malicious basestations and malicious basebands. The base station enables fuzzing mobile phone basebands, as well as other attacks. The baseband is used to test GSM network equipment for flaws, as well as exploit backend systems. The demos will target the Maxis and DiGi networks, showing vulnerabilities in the GSM protocol.

Trust us, you’ll *want* to turn off your phone for the duration of this talk!