Hackers Have Broken Into GPRS Billing
Guy Kewney is reporting that some hackers have cracked a security vulnerability associated with GPRS billing and have been ripping off customers left and right. He expects more details to be officially revealed today. The vulnerability comes from the way the GPRS network links up to the internet as a whole, assigning an IP address to the connection in service. The hackers keep pinging IP addresses owned by GPRS providers until they find one that responds – showing that it’s in use. They then start providing “services” to that GPRS user, which the user ends up getting billed for. Of course, it would seem easy to catch the scammers, since they’re the ones getting paid for the faked services. It sounds like the story was leaked by Check Point who (of course) is offering up a solution to the problem.