mobile cloning presentation
DESCRIPTION
Presentation on Mobile CloningTRANSCRIPT
Guided By: Prepared By : Prof. Ajay Aesha ParikhUpadhyaya (10dit004)
OutlineIntroductionDifferent ways of M-Cloning M-cloning Procedure Methods to detect cloned phonesSecure your MobileTechnical Recommendation for mobile
securityConclusion
2
IntroductionM-Cloning is one of the burning issue of
M-commerce. M-Cloning is copying the identity of one
mobile telephone to another mobile telephone. Main thought behind the evolution of M-
cloning is to create the clone phone which contains the same data and number as in your original phone.
But now a days M-cloning is used for the purpose of making fraudulent telephone calls. The bills for the calls go to the phone subscriber.
Different ways of M-CloningGSM Cloning CDMA CloningCaller ID spoofingCloning using Bluetooth
4
GSM Cloning To do the GSM Cloning handling with SIM card is
required.For GSM cloning we have to create copy of SIM
card.Data from the original SIM card will fetch and insert
the same data in new SIM card as in original card using different software are available in the market.
Software : SIM Manager Pro ChipIt SimScan Cardinal Sim Emu
5
Software for GSM cloning
6
Requirements to run the softwarePersonal computer with an available port
(ex. COM, USB) for the smart card reader A PC/SC compliant smart-card reader Smart card reader driver
7
M-cloning ProcedureLet see the procedure for M- cloning step by
step:Step 1: Few things which we need before we
start. First we will need to buy a SIM card reader, a card programmer, empty silver pic 2 card, and one 9 pin male to female extension cable.
Step 2: We will also need some software for this trick. First we will need a SIM card editor. We can use software here cardinal and Sim Emu.
Step 3: Plug SIM Reader into com port. Then run Cardinal and then click where it says "Click Here" and then click Settings.
8
M-cloning Procedure (cont..)Step 4: Then select your com/serial port and the
baud rate. Then left click where it says "Click Here", go to smartcard, and click SIM editor.
Step 5: The program will from there start up, and you will go to SIM, then SIM Info, and click the load button. After doing this you will see the IMSI code, take note of this code as you will need it.
Step 6: Now close the SIM Info and go to Security/Find key KI. When this window opens just click Start and wait. It will take approximately 4 hours to find the key. Once it is found take note of this KI and exit.
Now we have the IMSI and KI noted, if so lets continue with the next step.
9
M-cloning Procedure (cont..)Step 7: Now take your sim card. Within the
unzipped file within you will find two files. SEE50s.hex and SEF50sEN.hex.
Step 8: Now connect your programmer to a com port and go to the setup menu on your CardMaster program and choose the appropriate com port. You should then see a yellow rectangle at the bottom of the program that says that there is no card.
Step 9: Now insert your smartcard into the programmer, and the rectangle should change to green and you will see "Card ready". Now go to where it says "Card type:" and select "Silvercard".
10
M-cloning Procedure (cont..)Step 10: Now go to the "File to Pic:" field and
upload SEF50sEN.hex and SEE50s.hex. Step 11: Now go to Edit and click "Auto Program". Step 12: Now insert the newly sim card into the
phone. If it asks for a pin just punch in 111. Then from the main menu open up "Sim-Emu".
Step 13: Now from this menu go to
Set Phone #(Insert phone information here), then -
GSM #1 (or any slot), then Configure,
Edit #.
edit GSM #X to any name, and then press ok.
11
M-cloning Procedure (cont..)Step 14: Now go to Config.Pos and it will ask
for PIN2, which will be 1234. It will then ask you what position you want the card to be, choose Position 1.
It will then ask you for the IMSI, which you will punch in the IMSI you got from Cardinal.
It will then ask you for the KI, which again you punch in the KI you got from Cardinal.
Step 15: Then it will then ask you to enter your PUK which can be anything up to 8 digits. Then it will ask you to enter your PIN which can be anything up to 4 digits.
12
M-cloning Procedure (cont..)Step 16:Now we have cloned SIM card
ready for use.Step 17: After the cloning M-cloner can
Monitor the clone phone dataFetch the information stored on cloned phone.Use the owner number and do the fraud call
and huge amount of call/messages.
13
M-cloning Procedure (cont..)
14
M-cloning Procedure (cont..)
15
16
CDMA CloningTo do the CDMA cloning we have to change pair
of ESN/MIN.ESN/MIN pairs were discovered in several ways:
Sniffing the cellular networkTrashing cellular companies or cellular resellersHacking cellular companies or cellular resellers
Software used for CDMA cloningPatagonia
In CDMA instead of SIM card RUMI (Re-Usable Identification Module) card is used. Which provides the interchangeably facility in CDMA mobile.
17
Caller ID SpoofingNo of software’s are available in the market
which allows us Caller ID Spoofing. One of them is SpoofTel. It offers us the ability
to spoof caller ID and SMS messages. We can change what someone sees on their
call display when they receive a phone call to anything we like.
18
Cloning using Bluetooth
Bluejacking BluebuggingBtscanner
19
Methods to detect cloned phoneUser Side
Frequent wrong number phone calls to your phone, or hang-ups.
Difficulty in placing outgoing calls. Difficulty in retrieving voice mail
messages. Incoming calls constantly receiving busy
signals or wrong numbers. Unusual calls appearing on your phone
bills
20
Methods to detect cloned phone(cont..)Operator Side
Duplicate DetectionTime overlap patternVelocity trapRadio Frequency FingerprintingUsage profilingCall CountingCall pattern Analysis
21
Secure your MobilePIN LockingMemory card lockingPhone lockingApplication lockingRemote lockingMobile trackers
22
Technical Recommendation for mobile securityNetwork AuthenticationAdditional EncryptionPassword/Fingerprint SensorProtection against Viruses/Spyware:Regular Tests by Operators
23
ConclusionThe most effective way to improve the privacy of
mobile phone users is to increase the awareness among mobile phone users with the various threats that can compromise their privacy.
Existing cellular systems have a number of potential weaknesses that were considered.
Finally, cell-phones have to go a long way in security before they can be used in critical applications like m-commerce.
However, much more steps and efforts are needed from all people involved in this business including mobile phone operators, mobile phone users, federal and provincial governmental institutes, media, and academia.
24
Referenceshttp://mcom.cs.cmu.edu/http://www.ussc.gov/publicat/cloning.pdfhttp://www.isaac.cs.berkeley.edu/isaac/gsm-faq.htmlhttp://www.wisegeek.comhttp://www.gsm-security.net/faq/imei-international-mobile-
equipment-identity-gsm.shtmlhttp://www.mcks.gov.tr/en/HaberDetay.php?Key=32http://www.gsm-security.net/faq/imsi-international-mobile-
subscriber-identity-number-gsm.shtmlhttp://www.mpirical.com/companion/Generic/LAIIdentity.htm
25
26