Skip to content →

AirGap phone security analysis

  • Risks analysis against IMSI Catcher attack
  • Analysis of exploitable or insecure implementation of GSM Air Interface (Um Interface) and Radio Application Processor (RAP), such as “Silent call” (possibility to turn a phone into a remote microphone, even when it is switched off) or “Silent SMS” (Type0 SMS, leaking phone location and availability)
  • Fuzz testing of Um Interface (possibility of soft or hard brick device remotely, resistance to SMS of Death, SMS parsing engine exploit, …)
  • Automatic execution of Configuration SMS (possible redirection of mobile data streams)
  • Wi-Fi privacy and exploitability analysis
    • Analysis of insecurely transmitted data over WIFI and its possible abuse
    • Possibility to forge fake SSL certificates on application layer

Published in Services