The threat of hackers
taking control of our phones has become a well-founded and shared fear. The
harsh reality is that now any phone can be attacked. Whenever new insights
allow us to develop mobile technologies, hackers manage to take advantage of
them, no matter how sophisticated. But how?
Software created by hackers
Did you know that
there is software for Android and other mobile devices developed by hackers?
And did you know that there are tons of free sites on the Internet where you
can come across this software? Hackers design this type of software to get hold
of mobile phone data. Professional hackers can easily get hold of spy
applications that just install on the mobile they want to attack. Only in some
cases do hackers need to physically access the device to install these apps.
Keylogging is a method
that requires downloading spyware to steal data from your phone before it is
encrypted. This type of software can be used by accessing the phone physically.
Trojans are a type of
malware that can disguise itself on your phone to extract important data, such
as credit card or other personal information. To install Trojans, hackers use
techniques such as "phishing" in order to lure you into a trap.
Phishing
Phishing is a method
that allows hackers to impersonate trusted companies or individuals to obtain
sensitive data. In these cases, they often send emails and text messages with
official-looking codes, images, and text. When the user clicks on such
malicious content, the URL can infiltrate the phone via a link infected with
viruses or software that can steal their personal information.
Attacks using phone numbers
To understand how this
type of attack works, you need to know and understand the technicalities of phone hacking. The SS7 protocol is
the system used to connect mobile phone networks to each other, but to use this
system to infiltrate mobile phones, you must have access to it. If hackers
access the SS7 protocol, they are able to record and forward calls, read
messages, and find locations of a particular device. However, due to the level
of difficulty of said protocol, it is unlikely that a normal person could break
into a phone with this method.
SIM card attacks
In August 2019, the
CEO of Twitter had his SIM card stolen while trying to change his identity.
This strategy begins when the hacker contacts the victim's phone provider,
pretends to be the victim, and asks for a spare SIM card. Once the provider
sends the new SIM card to the hacker, the old SIM card is deactivated and the
hacker gets hold of the victim's phone number. In this way, you can access call
logs, messages, etc. This method is relatively easy if the hacker can convince
the provider that the requester of the change is the victim. Keeping personal
data safe is essential to ensure that hackers cannot impersonate you.
AdaptiveMobile
Security discovered a new method of infiltration in mobile phones using the SIM
card: the so-called simjacker. This method is more complex than phishing, since
it attacks SIM cards by sending a signal to the victim's device. If she opens
the message and clicks on it, hackers are able to spy on her device and even
determine her location.
Bluetooth attacks
Professional hackers
can use special programs to search for vulnerable mobile devices with a working
Bluetooth connection. These types of attacks occur when hackers are close to
the victim's phone, usually in a highly populated area. When hackers connect to
your Bluetooth, they have access to all available information and your Internet
connection, but the data must be downloaded while the mobile phone is nearby.
Don't become a victim of your mobile
As you can see,
hackers have many ways to infiltrate your phone and steal your personal
information. Here are some tips so you don't end up being one of their victims:
1. Don't walk away from your mobile
The easiest way for a
hacker to steal the information on your phone is to physically gain access to
it, so it's important to have it close at all times. If you've walked away from
your phone in a group of strangers and you're worried it's been tampered with,
check your settings and look for unknown apps.
2.Encrypt your device
Encrypting your mobile
can prevent attacks and protect your calls, your messages and your most
sensitive data. To check if a device is encrypted: iPhone users can go to
“Touch ID & Passcode”, scroll to the bottom and turn on data protection.
Android users have automatic encryption depending on the type of phone.
3. Lock your SIM card
Adding a passcode to
your SIM card can protect it from attacks. On an iPhone, this code can be set
in Settings > Cellular > SIM PIN. Enter your existing PIN to enable the
lock. Android users can go to Settings > Lock screen & security >
Other security settings > Set up SIM card lock. Here you can enable the
option to lock the SIM card.
4. Turn off Wi-Fi and Bluetooth
connections
It is very easy for hackers to connect to your mobile via Wi-Fi or Bluetooth, so it is advisable to disable these connections when you do not need them because no hacker warns you before attacking. If you fear attacks in public spaces, unplugging your phone is a good way to keep hackers out.