The program, called Datapp, was developed by the University of New Haven’s Cyber Forensics Research and Education Group. According to the group’s director, Ibrahim Baggili, Datapp can turn any computer into a mobile wireless transmitter, so it may then interact with a mobile device and “sniff” the traffic to find unencrypted data. It then reconstructs the content, including images or messages, to literally show the user what was vulnerable to hackers.
Citing one example, Baggili noted that content sent over Facebook’s Messenger service isn’t encrypted, meaning hackers can pretty easily gain access to, say, “compromising” selfies.
Also this week, Israel-based tech company CoroNet unveiled a new program that can tell if a mobile device is connecting a fake cellular station or WiFi signal, of the type sometimes used by hackers (and in some cases, law enforcement or intelligence agencies) to gain access to a mobile device without its owner’s knowledge.
Mobile devices are programmed to locate and connect to the strongest available nearby signal, allowing determined hackers to grab mobile data by deploying their own cellular signal, in effect “impersonating” a legitimate network station. In fact, the software to do this, called OpenBTS, is freely available; all that’s needed is the hardware, which has dropped in price in recent years.
CoroNet’s software examines the pattern of data transmission to figure out if the cellular station or WiFi access point is legitimate or fake. CoroNet isn’t sharing many details about what kind of clues the software picks up, but these can include things like the pattern of radio waves. After detecting a fake signal, the program can then cut the connection and reroute the call to a legitimate station. It is compatible with Android and iOS devices, and can also run on a laptop.