A hacker has showed how to break into a GSM network using open source software and gear costing less $1500.
Chris Paget demonstrated the hack at the Defcon conference at Las Vegas, using two antennas to spoof AT&T and T-Mobile base stations, connecting dozens of cellphones in the room.
“As far as your cell phones are concerned, I'm now indistinguishable from AT&T,” he said.
The device tricks nearby cell phones into believing it is a legitimate cell phone tower and routing their calls through it.
“GSM is broken — it's just plain broken,” he added.
Paget said that while recipients see caller IDs that differ than the cell numbers of the people calling them, that would easily fixed with a software patch.
Paget’s is not the first “IMSI catcher” – police and security bodies around the world use expensive commercial systems to tap into GSM networks.
However, his hack using low-cost gear illustrates that the networks are now vulnerable to a broad range of attacks.