Integralis warns of Hotspot vampires

Mobile Internet, The, June, 2004

Mobile handsets leaving users vulnerable to WLAN hacker attacks

Integralis warns that unwitting WLAN Hotspot users risk having their account details, including passwords, "hijacked" by Hotspot hackers because of a serious security flaw found in the SMS validation process used by T-Mobile and Vodafone. The flaw affects users signing up for the WLAN service via insecure Bluetooth-enabled mobile phones, or potentially anyone using a vulnerable mobile phone in public when Hotspot hackers sign up for the service invisibly on behalf of the user.

Users face astronomical phone bills as hackers target this simple SMS validation process to gain unlimited Internet access from WLAN hotspot venues across Europe and the United States. Potentially, hackers could also open multiple Internet accounts which they could "tout" in online forums. A key aspect of this "hijack" is that the perpetrated fraud is untraceable.

Hotspot Access:

Hotspot users wishing to surf the Web from a PDA or notebook PC can register with that particular outlet's Internet provider from their mobile phone, via SMS. All they have to do is send a simple code word to their mobile phone operator or log onto a Hotspot Web page to receive an SMS message containing their personal login data. This Internet account, which could have an unlimited validity period, can be used at Hotspots compatible with that mobile operator across Europe and the United States. Costs for accessing the Internet are billed automatically to the user's mobile phone.

Hotspot Piracy:

Hackers use their laptops or PDAs at public places to scan for susceptible handsets with activated Bluetooth interfaces. Once the hacker has identified a handset, they then identify the type of operator and then initiate SMS communication with the target handset, submitting a request for personal Internet access login data or register the victim's mobile number on the operator's Hotspot Web page.