[ISN] Vendor Claims Hackers Can Hijack Hotspot Authentication

From: InfoSec News (isn@private)
Date: Fri Jun 18 2004 - 01:57:02 PDT

  • Next message: InfoSec News: "[ISN] Web-security group seeks to plant its flag in San Antonio"

    [Slow day at the Integralis Security Labs? Read the their advisory,
    and I'm sure you will agree that social engineering one of the
    employees would be considerably easier than trying to abuse three
    seperate technologies just to score free Hotspot airtime.  - WK]
    By Mobile Pipeline News 
    June 17, 2004
    A security flaw in some implementations of Bluetooth enables hackers 
    to easily steal Wi-Fi hotspot authentication information, a U.K. 
    security firm said Thursday. 
    According to security integrator Integralis, the Bluetooth flaw is 
    exploited when users sign up for hotspot access using SMS text 
    messaging, a method allowed by a variety of hotspot providers. The 
    Bluetooth security flaw enables nearby hackers to intercept the SMS 
    message containing log-on information as it travels between the user 
    and the hotspot vendor, according to the company. 
    The company issued a security advisory [1] this week about the
    problem.  The company said it found the potential problem exists with
    a variety of operators including Cingular in the U.S., and T-Mobile
    and Vodafone in Europe.
    For example, T-Mobile enables its voice users to send an SMS message 
    to a specific number containing the word "open." The company then 
    sends a message back to the user with log-on information. The victim 
    will be billed for all the unauthorized access while detection of the 
    attack is virtually impossible, according to Integralis. 
    The company said the attack can be automated and accomplished in under 
    a minute. It said it had no evidence that such attacks have actually 
    The company suggested users first check to see if their phones are 
    vulnerable by accessing a separate security advisory it previously 
    issued. It also suggested that users check for firmware updates for 
    their phones, to switch off Bluetooth visible mode and, if possible, 
    to not use Bluetooth in public places. 
    [1] http://www.integralis.co.uk/about_us/press_releases/2004/150604SA.html
    ISN mailing list
    Sponsored by: OSVDB.org - For 15 cents a day, you could help feed an InfoSec junkie!
    (Broke? Spend 15 minutes a day on the project!)

    This archive was generated by hypermail 2b30 : Fri Jun 18 2004 - 02:35:49 PDT