{"id":36584,"date":"2020-08-13T16:29:36","date_gmt":"2020-08-13T16:29:36","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31486\/Hackers-Can-Eavesdrop-On-Mobile-Calls-With-7-000-Worth-Of-Equipment.html"},"modified":"2020-08-13T16:29:36","modified_gmt":"2020-08-13T16:29:36","slug":"hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/","title":{"rendered":"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/revolte-800x340.jpg\" alt=\"Hackers can eavesdrop on mobile calls with $7,000 worth of equipment\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a title=\"56 posters participating, including story author\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/08\/your-mobile-calls-may-be-vulnerable-to-a-new-revolting-eavesdrop-attack\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">84<\/span> <span class=\"visually-hidden\"> with 56 posters participating, including story author<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p> <!-- cache hit 525:single\/related:82349190dc17e3f44ffc5408edcbb6f1 --><!-- empty --><\/p>\n<p>The emergence of mobile voice calls over the standard known as Long Term Evolution has been a boon for millions of cell phone users around the world. VoLTE, short for Voice over LTE, provides up to three times the capacity of the earlier 3G standard, resulting in high-definition sound quality that\u2019s a huge improvement over earlier generations. VoLTE also uses the same IP standard used to send data over the Internet, so it has the ability to work with a wider range of devices. VoLTE does all of this while also providing a layer of security not available in predecessor cellular technologies.<\/p>\n<p>Now, researchers have demonstrated a weakness that allows attackers with modest resources to eavesdrop on calls. Their technique, dubbed ReVoLTE, uses a software-defined radio to pull the signal a carrier\u2019s base station transmits to a phone of an attacker\u2019s choosing, as long as the attacker is connected to the same cell tower (typically, within a few hundred meters to few kilometers) and knows the phone number. Because of an error in the way many carriers implement VoLTE, the attack converts cryptographically scrambled data into unencrypted sound. The result is a threat to the privacy of a growing segment of cell phone users. The cost: about $7,000.<\/p>\n<h2>So much for more secure<\/h2>\n<p>\u201cData confidentiality is one of the central LTE security aims and a fundamental requirement for trust in our communication infrastructure,\u201d the researchers, from Ruhr University Bochum and New York University, wrote in a <a href=\"https:\/\/revolte-attack.net\/media\/revolte_camera_ready.pdf\">paper<\/a> presented Wednesday at the <a href=\"https:\/\/www.usenix.org\/conference\/usenixsecurity20\">29th USENIX Security Symposium<\/a>. \u201cWe introduced the ReVoLTE attack, which enables an adversary to eavesdrop and recover encrypted VoLTE calls based on an implementation flaw of the LTE protocol.\u201d<\/p>\n<p>VoLTE encrypts call data as it passes between a phone and a base station. The base station then decrypts the traffic to allow it to be passed to any circuit-switched portion of a cellular network. The base station on the other end will then encrypt the call as it\u2019s transmitted to the other party.<\/p>\n<p>The implementation error ReVoLTE exploits is the tendency for base stations to use some of the same cryptographic material to encrypt two or more calls when they\u2019re made in close succession. The attack seizes on this error by capturing the encrypted radio traffic of a target\u2019s call, which the researchers call the target or first call. When the first call ends, the attacker quickly initiates what the researchers call a keystream call with the target and simultaneously sniffs the encrypted traffic and records the unencrypted sound, commonly known as plaintext.<\/p>\n<p>The researchers described it this way:<\/p>\n<blockquote>\n<p>The attack consists of two main phases: the recording phase in which the adversary records the target call of the victim, and the call phase with a subsequent call with the victim. For the first phase, the adversary must be capable of sniffing radiolayer transmissions in downlink direction, which is possible with affordable hardware for less than $1,400 [1]. Furthermore, the adversary can decode recorded traffic up to the encryption data (PDCP) when she has learned the radio configuration of the targeted eNodeB. However, our attacker model does not require the possession of any valid key material of the victim. The second phase requires a Commercial Off-TheShelf (COTS) phone and knowledge of the victim\u2019s phone number along with his\/her current position (i.e., radio cell).<\/p>\n<\/blockquote>\n<p>The attacker then compares the encrypted and plaintext traffic from the second call to deduce the cryptographic bits used to encrypt the call. Once in possession of this so-called \u201c<a href=\"https:\/\/en.wikipedia.org\/wiki\/Keystream\">keystream<\/a>, the attacker uses it to recover the plaintext of the target call.<\/p>\n<p>\u201cThe ReVoLTE attacks exploit the reuse of the same keystream for two subsequent calls within one radio connection,\u201d the researchers wrote in a <a href=\"https:\/\/revolte-attack.net\/\">post explaining the attack<\/a>. \u201cThis weakness is caused by an implementation flaw of the base station (eNodeB).\u201d<\/p>\n<p>The figure below depicts the steps involved, and the video below the figure shows ReVoLTE in action:<\/p>\n<figure class=\"image shortcode-img center large\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/revolte-diagram.jpg\" class=\"enlarge\" data-height=\"643\" data-width=\"1226\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/revolte-diagram-640x336.jpg\" width=\"640\" height=\"336\" srcset=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/revolte-diagram.jpg 2x\"><\/a><figcaption class=\"caption\">\n<div class=\"caption-credit\">Rupprecht et al.<\/div>\n<\/figcaption><\/figure>\n<figure class=\"video\">\n<div class=\"wrapper\"><iframe loading=\"lazy\" type=\"text\/html\" width=\"560\" height=\"315\" src=\"https:\/\/www.youtube.com\/embed\/FiiELuFvwu0?start=0&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen>[embedded content]<\/iframe><\/div><figcaption class=\"caption\">\n<div class=\"caption-text\">Demonstration of the ReVoLTE attack in a commercial LTE network.<\/div>\n<\/figcaption><\/figure>\n<h2>Limited, but practical in the real world<\/h2>\n<p>ReVoLTE has its limitations. Matt Green, a Johns Hopkins University professor who specializes in cryptography,&nbsp;<a href=\"https:\/\/blog.cryptographyengineering.com\/2020\/08\/12\/attack-of-the-week-voice-calls-in-lte\/\">explained<\/a> that real-world constraints\u2014including the specific codecs in use, vagaries in the way encoded audio is transcoded, and compression of packet headers\u2014can make it difficult to obtain the full digital plaintext of a call. Without the plaintext, the decryption attack won&#8217;t work. He also said that keystream calls must be made within about 10 seconds of the target call ending.<\/p>\n<p>Additionally, the amount of the target call that can be decrypted depends on how long the keystream call lasts. A keystream call that lasts only 30 seconds will provide only enough keystream material to recover 30 seconds of the target call. ReVoLTE also won\u2019t work when base stations follow the LTE standard that dictates against the reuse of keystreams. And as already mentioned, the attacker has to be in radio range of the same cell tower as the target.<\/p>\n<p>Despite the limitations, the researchers were able to recover 89 percent of the conversations they eavesdropped on, an accomplishment that demonstrates that ReVoLTE is effective in real-world settings, as long as base stations incorrectly implement LTE. The equipment required includes (1) commercial off-the-shelf phones that connect to cellular networks and record traffic and (2) commercially available <a href=\"https:\/\/www.softwareradiosystems.com\/products\/\">Airscope<\/a> software radio to perform real-time decoding of LTE downlink traffic.<\/p>\n<p>\u201cAn adversary needs to invest less than $7,000 to create a setup with the same functionality and, eventually, the ability to decrypt downlink traffic,\u201d the researchers wrote. \u201cWhile our downlink ReVoLTE is already feasible, a more sophisticated adversary can improve the attack\u2019s efficiency by extending the setup with an uplink sniffer, e. g., the <a href=\"https:\/\/www.sanjole.com\/brochures-2\/WaveJudge4900A-LTEHandout-Feb11-2012.pdf\">WaveJudge5000<\/a> by SanJole where we can exploit the same attack vector, and access both directions simultaneously.\u201d<\/p>\n<h2>Am I vulnerable?<\/h2>\n<p>In initial tests, the researchers found that 12 of 15 randomly selected base stations in Germany reused keystreams, making all VoLTE calls transmitted through them vulnerable. After reporting their findings to the industry group <a href=\"https:\/\/www.gsma.com\/security\/gsma-coordinated-vulnerability-disclosure-programme\/\">Global System for Mobile Applications<\/a>, a retest found that the affected German carriers had fixed their base stations. With more than 120 providers around the world and over 1,200 different device types supporting VoLTE, it will likely take more time for the eavesdropping weakness to be fully eradicated.<\/p>\n<p>\u201cHowever, we need to consider a large number of providers worldwide and their large deployments,\u201d the researchers wrote. \u201cIt is thus crucial to raise awareness about the vulnerability.\u201d<\/p>\n<p>The researchers have released an <a href=\"https:\/\/github.com\/RUB-SysSec\/mobile_sentinel\">Android app<\/a> that will test if a network connection is vulnerable. The app requires a rooted device that supports VoLTE and runs a Qualcomm chipset. Unfortunately, those requirements will make it hard for most people to use the app.<\/p>\n<p>I emailed AT&amp;T, Verizon and Sprint\/T-Mobile to ask if any of their base stations are vulnerable to ReVoLTE. So far none of them has responded. This post will be updated if replies come later.<\/p>\n<h2>\u201cUtterly devastating\u201d<\/h2>\n<p>ReVoLTE builds off of a <a href=\"https:\/\/www.cs.ubbcluj.ro\/~forest\/rdsos\/articole\/security\/krack-lte4g.pdf\">seminal research paper<\/a> published in 2018 by computer scientists at the University of California at Los Angeles. They found that LTE data was often encrypted in a way that used the same keystream more than once. By using what&#8217;s known as an <a href=\"https:\/\/en.wikipedia.org\/wiki\/Exclusive_or\">XOR operation<\/a> on the encrypted data and the corresponding plaintext traffic, the researchers could generate keystream. With that in hand, it was trivial to decrypt the data from the first call.<\/p>\n<p>The figure below shows how ReVoLTE does this:<\/p>\n<figure class=\"image shortcode-img center large\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/revolte-decryption-overview.jpg\" class=\"enlarge\" data-height=\"789\" data-width=\"1678\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/revolte-decryption-overview-640x301.jpg\" width=\"640\" height=\"301\" srcset=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/08\/revolte-decryption-overview-1280x602.jpg 2x\"><\/a><figcaption class=\"caption\">\n<div class=\"caption-credit\">Rupprecht et al.<\/div>\n<\/figcaption><\/figure>\n<p>\u201cThe keystream call allows the attacker to extract the keystream by XOR-ing the sniffed traffic with the keystream call plaintext,\u201d ReVoLTE researchers explained. \u201cThe keystream block is then used to decrypt the corresponding captured target ciphertext. The attacker thus computes the target call plaintext.\u201d<\/p>\n<p>While ReVoLTE exploits the incorrect implementation of LTE, Johns Hopkins\u2019 Green said some of the fault lies in the opaqueness of the standard itself, a shortcoming that he likens to \u201cbegging toddlers not to play with a gun.\u201d<\/p>\n<p>\u201cInevitably, they\u2019re going to do that and terrible things will happen,\u201d he wrote. \u201cIn this case, the discharging gun is a keystream re-use attack in which two different messages get XORed with the same keystream bytes. This is known to be utterly devastating for message confidentiality.\u201d<\/p>\n<p>The researchers provide several suggestions that cellular providers can follow to fix the problem. Obviously, that means not reusing the same keystream, but it turns out that&#8217;s not as straightforward as it might seem. A short-term countermeasure is to increase the number of what are known as radio bearer identities, but because there&#8217;s a finite number of these, carriers should also use inter-cell handovers. Normally, these handovers allow a phone to remain connected as it transfers from one cell to another. A built-in key reuse avoidance makes the procedure useful for security as well.<\/p>\n<p>\u201c[As] a long-term solution, we recommend specifying mandatory media encryption and integrity protection for VoLTE,\u201d the researchers wrote. \u201cThis provides long-term mitigation for known issues, e. g., key reuse, and missing integrity protection on the radio layer, and introduces an additional layer of security.\u201d<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31486\/Hackers-Can-Eavesdrop-On-Mobile-Calls-With-7-000-Worth-Of-Equipment.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":36585,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[7763],"class_list":["post-36584","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinehackerprivacyphone"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-13T16:29:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"340\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment\",\"datePublished\":\"2020-08-13T16:29:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/\"},\"wordCount\":1545,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg\",\"keywords\":[\"headline,hacker,privacy,phone\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/\",\"name\":\"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg\",\"datePublished\":\"2020-08-13T16:29:36+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg\",\"width\":800,\"height\":340},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,privacy,phone\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerprivacyphone\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-08-13T16:29:36+00:00","og_image":[{"width":800,"height":340,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment","datePublished":"2020-08-13T16:29:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/"},"wordCount":1545,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg","keywords":["headline,hacker,privacy,phone"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/","url":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/","name":"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg","datePublished":"2020-08-13T16:29:36+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/08\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment.jpg","width":800,"height":340},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hackers-can-eavesdrop-on-mobile-calls-with-7000-worth-of-equipment\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,privacy,phone","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerprivacyphone\/"},{"@type":"ListItem","position":3,"name":"Hackers Can Eavesdrop On Mobile Calls With $7,000 Worth Of Equipment"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36584","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36584"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36584\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/36585"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}