Nokia 1100 Can Be Used For Hacking Banks

VIP LOUNGE

CLOUD LOGIN

You are here: News > News > Nokia 1100 Can Be Used For Hacking Banks

» IT Security NEWS

» 31 May 2009

Nokia 1100 Can Be Used For Hacking Banks

A firm specializing in fraud investigation has confirmed the rumors surrounding the Nokia 1100's abilities to hack through bank transfers. The Ultrascan company has provided a presentation that demonstrates how hackers can reprogram that particular model of Nokia cellphone to receive other people's SMS (Short Message Service, otherwise known as text messages), which could result in serious repercussions to bank account holders from Holland and Germany. That's because German and Dutch banks use SMS to allow their clients to do banking transfers.

Simply put, Ultrascan has proven that the Nokia 1100 has a component that enables a very powerful hack that could let Internet swindlers hijack SMS delivered by banks that permits banking transfers. These European banks follow a simple verification process wherein a password (the mTAN or the mobile Transaction Authentication Number) is sent to account holders through a text message order form that permits them to make money transfers over the phone.

Ultrascan is the first company to establish that Bochum-manufactured Nokia 1100 cellphones are capable of doing very potent and financially crippling SMS hacks. Nokia itself maintains that its firmware has no flaws or exploitable vulnerabilities that will allow online banking frauds. Many of its customers wish that the Finnish phone company's claims are correct. However, the fact that the $100 phone is currently being sold for $32,000 underground doesn't bode well to these people's hopes.

Nokia 1100 cellphones are made with a particular material and unique specifications in Bochum, Germany because they're the only model that can capture another person's number. In Ultrascan's demonstration of the Nokia 1100's capabilities, they reprogrammed the cellphone to intercept the text messages from other mobile phones during a simulated bank heist.

The good news is that hackers are incapable of taking advantage of this unexpected and illegal benefit if they don't know the name and password of their designated targets. However, if they can manipulate something as harmless as a cellphone to pilfer SMS, then it won't be a problem for them to acquire the personal data of their would-be victims as well. They'll probably use phishing scams and the like to acquire key information from their marks first, and then go from there.