Phreaking is a slang expression that means the hacking of the telephones, telephone networks and mobile networks with hidden from the user or undocumented features. Phreaking is usually used to make free calls or update personal mobile account.
Phreacker is a person who is engaged in phreaking. Phreakers are taking advantage of the misconduct of the phone in order to have a psychological impact on the end user.
Recently, “phreaking” became also known as means of hacking different electronic systems, such as the system of banking affairs and access control.
History of Phreaking
Phreaking first appeared in the late 60s of the last century in the United States and was closely connected to the telephone corporation called “Bell”. The corporation enveloped the entire territory of the United States with their networks. At that time, Telephone Communication Corporation was not completely based on pulsed signals and various office internal network signals transmitted to the dial tone. Naturally, one day there appeared resourceful people who tried to repeat the funny horns in the handset and received least amusing results. With the submission into the network and sending signals with a certain tone and consistency it was possible to make free calls to any number, arrange conference calls, disconnect from the service, etc.
At the beginning of the formation, there were craftsmen who could whistle the data signals by their mouth or using any musical instrument. In American packets of breakfast cereal called “Cap & Crunch” or “Captain Crunch”, there were free whistles inside each package, emitting howl at the frequency of 2600 Hz corresponding to a signal of the long-distance communication. “Captain Crunch”, by the way, could mimic the signal with his mouth without using of any whistles.
Very soon, skilled craftsmen invented a super radio-electronic device, which made the necessary sounds by pressing certain keys. Device was called “Blue Box” and was widespread among the phreakers. Moreover, there were merchants who sold this machine for crazy money. Bill Gates, Steve Jobs (the head of a Microsoft and Apple (Macintosh), and also Kevin Mitnick (famous hacker) were among the traders. However, no one, except the last, was caught.
However, these sales did not last for long time. After that “Bell Corporation” completely switched to tone signals, and the old tone phone service was canceled. Phreakers finally went out of business with the transition to digital phones.
It should be noted that not only the “BlueBox” was involved in phreaking business. There was also the “BlackBox” (a device that lowers the voltage inside the line) and the “Shitbox” (answerphone payphones to implement some specific actions), etc.
Unlocking and re-flashing the mobile phone or cloning the SIM-cards and other dubious manipulations with a mobile phone are also referred to phreaking.
In the early and mid-90s, mobile phone phreaking thrived standard NMT-450 (which at the time was the way) did not provide any protection. Further, it was replaced by DAMPS, which also quickly learned to hack. First, there were the serial numbers and other relevant technical information and then catching the keys through the airspace. After the introduction of protection of old standards and the transition to the new standards, such as GSM and TSDMA, all was quiet. Later, there appeared information about another burglary protection technology provider from India and China.
Authoritative experts on the network security provided structural hacking of GSM-networks. Researchers have shown how to use the regarding available tools to get the name and location of the subscriber using his cell phone number and vice versa – to get the number and location of the phone using the name of the subscriber.
As stated by Don Bailey in an interview, the telecom industry has a variety of potential threats, but they managed to bring these potential threats in a single powerful tool that proves defenselessness of the U.S. cellular networks. Bailey and DePetrilo’s work is based on studies of Tobias Engel released at the end of 2008. Engel showed how to determine the approximate location of the subscriber knowing the number; however, Bailey and DePetrilo went much further.
According to the researchers, it is appalling that their system allows one to find information on almost any random taken number. For example, if one needs a phone number of Brad Pitt, there is a way to analyze the information that is transmitted to the mobile operators signal caller ID. Using this method, hackers can view all the information about the rooms in California and find a subscriber with this name.
A new way to hack mobile networks is using the mechanism for determining numbers of Caller ID in GSM-networks. The authors were able to use this mechanism to get the full telephone directory for almost all numbers. To do their trick DePetrilo and Bailey have created a virtual number on the basis of an account in one of the Internet phone services, called VoIP (Voice over IP – Voice over IP-networks).
This number has been connected to the mechanism for determining numbers of Caller ID. After creating a virtual room, writers began to call on this number again and again, using large blocks of fake numbers and response mechanism of Caller ID for each of the fixed-line. They also used VoIP-based server on popular Asterisk platform.
The Feature of GSM-network in the U.S.
The feature of GSM-network in the U.S. is that operators support the so-called “register of home addresses” HLR (Home Location Register). Usually, this information linking individual subscribers to their numbers is hidden from casual users. However, the experts managed to find a way to get information directly from the register HLR. The information gathered has helped to create a full directory that connects people with the specific cell phone number. Directory allows you find people by phone number and the number of named person. Studies have collected a huge amount of information about rooms belonging to private companies and state organizations.
At the moment, the researchers did not disclose the full list of tools used for hacking. At the same time, the discoverers have warned the largest mobile operators in the United States of the possible dangers. The reports of serious vulnerabilities of cellular networks GSM-USA were presented at the Source Conference in Boston.
Hackers used the automated scripts for attacks on wireless users of mobile operator AT & T. The purpose of intruders was stealing information stored in the user accounts on the company’s website. However, the attempt has appeared as ineffectual fraud.
In conclusion, it should be pointed out that the history of hacking the phones has a rich and interesting background that does not end with the advent of cellular networks and mobile phones. Moreover, it has moved to a higher level – the level of computer technology. Nowadays, hacking became possible due to a certain symbiosis between computer and a mobile phone. For example, you can get any information about a particular person and even determine his or her current location against his will. Furthermore, the person will not even suspect that somebody watches him. Using the holes in the protection of cellular networks by hackers can become a huge threat to unsuspecting people, especially if the attacker has bad intentions.