2. SIM Cards
•Many mobile phones use a special smart card called a
subscriber identity module card (SIM card).
•A SIM card is issued by a network provider. It maintains
personal and contact information for a user and allows
the user to authenticate to the cellular network of the
provider.
2
3. SIM Card
•SIM cards contain several pieces of information that are
used to identify the owner and authenticate to the
appropriate cell network.
•Each SIM card corresponds to a record in the database of
subscribers maintained by the network provider.
•A SIM card features an integrated circuit card ID (ICCID),
•which is a unique 18-digit number used for hardware
identification.
3
4. SIM Card
•Next, a SIM card contains a unique international mobile
subscriber identity (IMSI), which identifies the owner’s
country, network, and personal identity.
•SIM cards also contain a 128-bit secret key. This key is
used for authenticating a phone to a mobile network.
•As an additional security mechanism, many SIM cards
require a PIN before allowing any access to information
on the card.
4
5. INTERNATIONAL MOBILE EQUIPMENT IDENTITY
15-digit number unique to each device
Phone carriers and manufacturers share IMEI numbers to enable tracking of smartphoes that may be
stolen or compromised.
IMEI number of your mobil does not have any other phone in the world, and when your device
connects to a network it automatically sends this identifier.
6. INTERNATIONAL MOBILE SUBSCRIBER IDENTITY (IMSI)
unique number, usually fifteen digits, associated with Global
System for Mobile Communications (GSM) and Universal Mobile
Telecommunications System (UMTS) , identifying a GSM subscriber
This number has two parts.
The initial part is comprised of six digits in the North American standard and five digits
in the European standard. It identifies the GSM network operator in a specific country
with whom the subscriber holds an account.
The second part is allocated by the network operator to uniquely identify the subscriber.
The IMSI is stored in the Subscriber Identity Module (SIM) inside
the phone and is sent by the phone to the appropriate network.
7. INTEGRATED CIRCUIT CARD IDENTIFICATION NUMBER (ICCID)
unique identifier of a Subscriber Identity Module (SIM card) on a mobile device
stored in the SIM cards and printed on the SIM card body
19 or 20 characters containing the Industry Identifier (ISO), country code, issuer identity, account ID,
and other data which allows the network operator to identify the card
8. MSISDN (MOBILE STATION INTERNATIONAL SUBSCRIBER DIRECTORY
NUMBER)
uniquely identifies a subscription in a GSM network
phone number associated with a single SIM card
he number to which you call or send an SMS message
used to identify a mobile user when they make a call or send an SMS.
International Telecommunication Union Telecommunication Standardization Sector (ITU-T) - limits the
maximum length of an MSISDN to 15 digits.
1-3 digits are reserved for country code
9. SIM CLONING`
creating a copy of a SIM (Subscriber Identity Module) card
Unique Identification Number (ICCID), International Mobile Subscriber
Identification Number (IMSI)
Including encryption keys – (used to secure data on a SIM card)
10. WHAT TOOLS DOES THE HACKER USE FOR SIM CLONING?
Blank SIM card
SIM card reader
SIM cloning software
SIM card hacking hardware
Mobile device
12. BLUETOOTH VULNERABILITIES
BlueSmacking
DoS -send a really oversized data packet
BlueJacking
one Bluetooth device hijacks another with spam advertising
BlueSnarfing
can take data- s as your text messages, emails, photos, and the unique identifying
information that your phone or laptop uses with your cellular provider or ISP
BlueBugging
to establish a backdoor on a victim’s phone or laptop.
16. VOICE OVER INTERNET PROTOCOL (VOIP)
Five types of VoIP hacking
Unauthorized use
Toll fraud
Caller ID spoofing
Eavesdropping
17. VISHING (VOIP PHISHING)
Voice Phishing - Voice phishing is the criminal practice of using social
engineering over the telephone system to gain access to personal and
financial information from the public for the purpose of financial reward.
Sometimes referred to as 'vishing’, Voice phishing is typically used to steal
credit card numbers or other information used in identity theft schemes from
individuals.
18. TOLL FRAUDS
International Revenue Sharing Fraud (IRSF)
fraudsters use your phone lines, equipment, or services to generate high
volumes of fake long-distance, international, or premium-rate calls while the
company owning the targeted system gets charged for them
Fraudsters can target mobile phones, calling cards, pay phones, and phone
systems
19. TOLL FRAUDS - TECHNIQUES
• Port Scanning: The Session Initiation Protocol (SIP) for VoIP
uses TCP ports 5060 and 5061 so an unsecured, internet-facing
SIP server is easy to locate.
• Passwords: SIP (Session Initiation Protocol) trunks and SIP
extensions use passwords, so weak or leaked passwords create a
vulnerability.
• Servers: VoIP uses SIP servers that attackers can gain
unauthorized access to and reconfigure.
• Voice Verification Code Spamming: Scripted attacks targeting
SMS.
20. PHONE PHREAKING
manipulating or hacking into a telephone system to make free or
unauthorized calls
to make long-distance calls for free or to access other services such as
voicemail or conference calling
21. OPERATING SYSTEM ON MOBILES PHONES
Mobile Operating System Structure
Mobile Operating System Platforms
Java ME Platform
Palm OS
Symbian OS
Linux OS
Window Phone OS
Google Android Platform
Apple iOS
22. MOBILE OS FEATURES
Features
Multitasking
Scheduling
Memory Allocation
File System Interface
Keypad Interface
I/O Interface
Protection and Security
Multimedia features
23. INTRO TO MOBILE OS
Design and capabilities of a Mobile OS (Operating System) is
very different than a general purpose OS running on desktop
machines:
constraints and restrictions on their physical characteristic
such as screen size, memory, processing power and etc.
Scarce availability of battery power
Limited amount of computing and communication
capabilities
Operating System is a piece of software responsible for
management of operations, control, coordinate the use of the
hardware among the various application programs, and
sharing the resources of a device.
24. OPERATING SYSTEM STRUCTURE
A mobile OS is a software platform on top of which other programs called
application programs, can run on mobile devices such as PDA, cellular
phones, smartphone and etc.
Low-Level Hardware, Manufacturer Device Drivers
Device Operating System Base, Kernel
OS Libraries
Applications
26. GOOGLE ANDROID OS
It is a platform and an operating system for mobile devices based on the
Linux operating system.
It allows developers design applications in a java-like language using
Google-developed java libraries.
It supports a wide variety of connectivity such as GSM, WiFi, 3G, LTE
As of Q3 of 2012, 500 million devices and 1.3 million new activation per day.
Now version 14
28. APPLE IOS
iOS is an operating system run on iPhone, iPad and iPod touch.
It is based on Mach Kernel and Drawin core as Mac OS X.
The Mac OS X kernel includes the following component:
Mach Kernel
BSD
I/O component
File Systems
Networking components
29. APPLE IOS
Mac OS X has a preemptive multitasking environment.
Preempting is the act of taking the control of operating system from one
task and giving it to another task.
It supports real-time behavior.
As of half of 2012, it had 23% share of smart phone OS units sold. 410
million devices activated.
65% of mobile web data consumption.
Most recent version iOS 17.3