Security Consultants Discovers A Weakness In Verizon’s Network, Hacks Into Femtocells

Posted Jul 15, 2013

A weakness has been exploited on Verizon’s networks.  Security researchers have found a weakness in a device sold by Verizon, which they said could help hackers spy on private data of Verizon Wireless mobile phone customers.  The security consultants said that they could eavesdrop on Verizon Wireless customer calls, photos, text messages, and e-mails by hacking into Verizon’s signal-boosting devices like femtocells or network extenders.

This is a blow to Verizon at a time where the National Security Agency is looked upon as abusing their power for their abilities to easily surveilling anyone that has a smartphone.  The whistle-blower of the NSA is former BoozAllen and NSA analyst Edward Snowden.

“This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people,” stated iSEC Partners senior consultant in an interview with Reuters.  Ritter discovered the vulnerability with his colleague Doug DePerry.  DePerry and Ritter is going to present what they learned at the Black Hat and Def Con hacking conference in Las Vegas.

Femtocells are known for having the ability to amplify network signals with a 40-foot range.  They are sold directly by Verizon to their customers with a price of $250.

Verizon said that they updated their software on its femtocells so that the devices are not manipulated with the technique that was used by the two security researchers.  Verizon added that there are no reports that any customers were affected by the security lapse.

“The Verizon Wireless Network Extender remains a very secure and effective solution for our customers,” stated Verizon spokesman David Samberg.

Ritter said that they can continue to spy on Verizon’s customers using femtocells that were hacked before the company released the security patch.