Hackers of India

Mobile-Telephony Threats in Asia

By  Payas Gupta  , Marco Balduzzi  , Lion Gu  on 31 Mar 2017 @ Blackhat


Presentation Material

Abstract

Over the last 10 years, the number of mobile subscribers has largely increased overtaking the world global population in October 2014. In countries like India and China, mobile users represent now 90% of the active population, more than traditional landline. As a consequence, cybercrime has started adopting mobile-telephony channels (cellular networks) as a way to reach potential victims and perform attacks like social engineering, spear phishing and targeted attacks.

In this talk, we shed light on the telephony cybercrime ecosystem by discussing the results of a mobile-telephony honeypot we recently deployed in Asia. By using honeypot sim-cards that we controlled and during a period of seven months, we collected thousands of malicious SMS and fraudulent calls, accounting for over 800 spam messages, hundreds of scams, frauds, voice-over-ip phishing attempts and others. We discuss how cybercrime makes use of mobile-telephony channels and provide examples of how mobile users are concretely threatened.

AI Generated Summarymay contain errors

Here is a summary of the content:

The speaker discusses the risk associated with reusing mobile phone numbers, (e.g., in China), where there is a high demand for numbers but not enough to go around. As a result, (number) are reused, , and this poses a threat to security, as previous owners’ data can be accessed. The speaker shares an example of how their “honorable number” was used to register with a key account, and how the system sent a message asking for two-factor authentication.

To mitigate this risk, the speaker suggests:

  1. Adopting a reputation-based system to identify suspicious numbers.
  2. Implementing blacklists to detect fraudulent activity.
  3. Educating users about the importance of protecting their numbers.
  4. Installing tools that can analyze SMS content and context to identify potential fraud.

The speaker also addresses a question from the audience about whether telecom companies are doing enough to address this issue, concluding that they have little incentive to act since they make money on each call, regardless of who loses out. Regulations may be needed to push telcos to take action.

Finally, the speaker mentions that some companies are using their “telephone honey pot” to collect numbers and create blacklists, which can be installed on phones to detect fraudulent activity, but notes that this is not a foolproof solution.