Feb. 9, 2019
In January, Motherboard revealed that AT&T, T-Mobile, and Sprint were selling their customers’ real-time location data, which trickled down through a complex network of companies until eventually ending up in the hands of at least one bounty hunter. Motherboard was also able to purchase the real-time location of a T-Mobile phone on the black market from a bounty hunter source for $300. In response, telecom companies said that this abuse was a fringe case.
Sep. 15, 2018
Many of us are already conditioned to ignore phone calls from unknown numbers. A new study seems to validate that M.O. By next year, nearly half of the mobile phone calls we get will be scams, according to a new report from First Orion, a company that provides calls management and protection forT-Mobile,MetroPCs,Virgin Mobileand others.
The percentage of scam calls in US mobile traffic increased from 3.7 percent last year to 29.2 percent this year, and it’s predicted to rise to 44.6 percent in 2019, First Orion said in a press release Wednesday. The most popular method scammers use to try to get people to pick up the phone is called ‘neighborhood spoofing,’ where they disguise their numbers with a local prefix so people presume the calls are safe to pick up, First Onion said. Third-party call blocking apps may help protect consumers from known scam numbers, but they can’t tell if a scammer hijacks someone’s number and uses it for scam calls.
Aug. 8, 2018
Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud ring that hijacked mobile phone numbers in online attacks that siphoned hundreds of thousands of dollars worth of bitcoin and other cryptocurrencies from victims. The following month, Michigan authorities found the same individual accessing personal consumer data via public Wi-Fi at a local library, and seized 45 SIM cards, a laptop and a Trezor wallet — a hardware device designed to store crytpocurrency account data. In April 2018, the mom again called the cops on her son — identified only as confidential source #1 (“CS1”) in the criminal complaint — saying he’d obtained yet another mobile phone.
Jul. 6, 2018
NSO Group sells some of the most potent, off-the-shelf malware for remotely breaking into smartphones. Some versions allow a law enforcement or intelligence agency to steal essentially all meaningful data from an iPhone with no interaction from the target. Others just require the victim to click one link in a carefully crafted text message, before giving up their contacts, emails, social media messages, GPS location, and much more.
May. 25, 2018
News of this group first surfaced after a report in December 2016, when Russian antivirus vendor Dr.Web disclosed that a mysterious threat actor had found a way to penetrate the supply-chain of several mobile carriers, infecting phones with malware. At the time, experts said they found malware in the firmware of at least 26 low-cost Android smartphone and tablets models. Once ousted, Dr.Web hoped crooks would pack up and move on to another operation.
May. 21, 2018
T-Mobile is investigating a retail store employee who allegedly made unauthorized changes to a subscriber’s account in an elaborate scheme to steal the customer’s three-letter Instagram username. The modifications, which could have let the rogue employee empty bank accounts associated with the targeted T-Mobile subscriber, were made even though the victim customer already had taken steps recommended by the mobile carrier to help minimize the risks of account takeover. So-called “port out” scams allow crooks to intercept your calls and messages while your phone goes dark.
May. 18, 2018
SMS is a weak link in a handset’s security. With it you can interact, remotely, with an application on someone’s phone when the phone is not connected to the internet: Despite being older than many of its users, Short Messaging Service (SMS) remains a very popular communications medium and is increasingly found on remote sensors, critical infrastructure and vehicles due to an abundance of cellular coverage.
May. 15, 2018
Four of the largest cell giants in the US are selling your real-time location data to a company that you’ve probably never heard about before. In case you missed it, a senator last week sent a letter demanding the Federal Communications Commission (FCC) investigate why Securus, a prison technology company, can track any phone ‘within seconds’ by using data obtained from the country’s largest cell giants, including AT&T, Verizon, T-Mobile, and Sprint, through an intermediary, LocationSmart. The story blew up because a former police sheriff snooped on phone location data without a warrant, according The New York Times.
May. 12, 2018
On Thursday, the New York Times published a blockbuster piece revealing how US law enforcement have access to a system that can geo-locate nearly any phone in the country without an officer necessarily having a court order. Now, Motherboard has obtained the letters that Senator Ron Wyden sent to the Federal Communications Commission (FCC) and telecommunications companies demanding answers on the controversial surveillance system. According to the New York Times report, a former sheriff of Mississippi County, Mo., used an obscure service called Securus to surveill targets’ cell phones, including a judge and other law enforcement officials.
Apr. 27, 2018
To be effective, Clear wouldn’t be binding on just Apple but rather manufacturers of all computing devices, many of them low-cost products made by bootstrapped manufacturers. That means there would be dozens, hundreds, or probably thousands of PIN vaults mandated under Clear. And each of them would be a potential target for hackers all around the world.
Source: arstechnica.com
Mar. 1, 2018
The latest zero-day threat to be discovered by Wandera’s mobile threat research team is RedDrop, a family of mobile malware inflicting financial cost and critical data loss on infected devices.
Source: wandera.com