Researchers make $1400 IMSI catcher which can track any user’s precise location using Facebook and WhatsApp signal
Researchers have made a low-cost gadget to track the precise location of smartphones using 4G/LTE by hacking Facebook and WhatsApp signals. It was earlier thought that though such attacks could be targeted against the 2G and 3G enabled smartphones and 4G/LTE enabled smartphones are immune. to such attacks Security researchers have revealed how simply contacting somebody via WhatsApp or Facebook messenger can reveal a smartphone owner’s location by exploiting a security flaw in 4G mobile networks.
According to researchers, a hacker could use the apps to discover the supposedly anonymised identifiers that are assigned to devices when they connect to a network. This can than be used to track their precise location.
4G/LTE enabled smartphones are expected to have a user base of about 1.37 billion people by the end of the year. The researchers assembled a $1,400 gadget which runs on freely available open-source software. The contraption can target 4G/LTE smartphones to leak their location to within a 32- to 64-foot (about 10 to 20 meter) radius and in some cases their GPS coordinates. The researchers said only tech savvy smartphone users can detect any intrusion made by their gadget. They also said that there exists a separate method that can track the smartphone user to a area of one square mile and is virtually impossible detect.
When a smartphone connects to a mobile network, it is assigned a temporary number called a TMSI (Temporary Mobile Subscriber Identity). The network then uses this eight-digit number to identify a device, rather than a phone number, to make communication more private.
However, a hacker monitoring radio communications could tie this TMSI to an individual by sending them a Facebook message or WhatsApp chat, both of which trigger a special “paging request” from a network that contains specific location information about a particular TMSI number.
Anybody with a Facebook account can send another user a Facebook message. Unless the two users are friends, this message will end up in Facebook’s “Other” folder, a feature most users do not know about that is only accessible on the social network’s desktop version, but sending a user a message will still trigger a paging request.
Likewise, WhatsApp’s “typing notification” – a feature on the chat app that displays when a contact is composing a message – also triggers the connection. If a hacker has a victim’s phone number, they could send them a message on WhatsApp, and if the victim begins to type a response, the network issues a paging request.
It is relatively easy to monitor these signals using easily-available network hardware, according to the researchers from Aalto University, the University of Helsinki, Technische Universitat Berlin and Telekom Innovation Laboratories.