MOBILE-TELEPHONY THREATS IN ASIA presented at BlackhatAsia 2017

by Payas Gupta, Marco ‘embyte’ Balduzzi, Lion Gu,

Summary : Over the last 10 years, the number of mobile subscribers has largely increased overtaking the world global population in October 2014. In countries like India and China, mobile users represent now 90% of the active population, more than traditional landline.
As a consequence, cybercrime has started adopting mobile-telephony channels (cellular networks) as a way to reach potential victims and perform attacks like social engineering, spear phishing and targeted attacks.
In this talk, we shed light on the telephony cybercrime ecosystem by discussing the results of a mobile-telephony honeypot we recently deployed in Asia. By using honeypot sim-cards that we controlled and during a period of seven months, we collected thousands of malicious SMS and fraudulent calls, accounting for over 800 spam messages, hundreds of scams, frauds, voice-over-ip phishing attempts and others. We discuss how cybercrime makes use of mobile-telephony channels and provide examples of how mobile users are concretely threatened.