IDG News Service is reporting that a high-level counter-espionage operation has uncovered what seems to be the first instance of a phone switch rootkit – code intended to bury itself deep in an OS and execute commands. The Greek Prime Minister’s mobile phone was secretly tapped, along with those of about 100 other top government officials, in this sophisticated spy operation. The case remains unsolved and is still under investigation. Scarier still is the suspicious suicide, in March 2005, of a top engineer at Vodafone Group PLC’s Greek branch. The engineer was responsible for network planning.
An analysis by the IEEE (Institute of Electrical and Electronics Engineers) Spectrum Online website reveals that this operation was incredibly intricate and successful. Diomidis Spinellis, associate professor at Athens University of Economics and Business, said that the case unveiled the “first known rootkit that has been installed in an [phone] exchange.”
A rootkit is a special program that buries itself deep in an OS to carry out malicious activity and is extremely difficult to detect. The rootkit allowed a transaction log to be disabled and enabled call monitoring on four switches made by Telefonaktiebolaget LM Ericsson within Vodafone’s equipment. The software enabled the hackers to monitor phone calls in the same way law enforcement would, minus the required court order. The software allowed a second, parallel voice stream to be sent to another phone for monitoring.
The “spies” avoided detection by installing system patches that subverted the monitoring systems that would otherwise have alerted administrators that someone was monitoring the network. “It took guile and some serious programming chops to manipulate the lawful call-intercept functions in Vodafone’s mobile switching centers,” says Spinellis.
All this kind of makes you think about what you say over your mobile phone. With our lives becoming more and more digital and mobile, this kind of security breach is sobering indeed. We know we certainly won’t be making any illicit inferences on our handsets anymore – not that we ever did.
[Via: Yahoo News]