“NSO Group had been exploiting a vulnerability in its software that allowed them to
compromise a phone simply by targeting it with a voice call
that planted malware on the device capable of silently stealing a victim’s messages.
Now, in the same week when WhatsApp revealed that NSO Group had in fact targeted 1,400 of its users, Reuters reports that government officials in more than 20 countries have also been targeted via WhatsApp hacking” (src)
Luckily… Mrs Merkel is still using her old Nokia (but Chinese still try to read her SMS Text Messages see: “Chinese hackers deployed a new cyber-espionage tool on Linux servers belonging to a telecommunications network provider to steal SMS message content for specific recipients” (src))
Stallman: does not use SmartPhones
But then still: “stingray” “fake” cell phone towers and SS7
“Signaling System 7 (SS7) vulnerability is a reality. Not only that, it’s an intentional loophole that’s existed for years.” (src)
“Hackers can read text messages, listen to phone calls and track mobile phone users’ locations with just the knowledge of their phone number using a vulnerability in the worldwide mobile phone network infrastructure.
The exploit centres on a global system that connects mobile phone networks, and can give hackers, governments or anyone else with access to it remote surveillance powers that the user cannot do anything about.”
“Signalling System No 7 (SS7), which is called Common Channel Signalling System 7 (CCSS7) in the US or Common Channel Interoffice Signaling 7 (CCIS7) in the UK, is a system that connects one mobile phone network to another.”
“Once they have access to the SS7 system, a hacker can essentially have access to the same amount of information and snooping capabilities as security services.”
“They can transparently forward calls, giving them the ability to record or listen in to them. They can also read SMS messages sent between phones, and track the location of a phone using the same system that the phone networks use to help keep a constant service available and deliver phone calls, texts and data.
Who is affected by the vulnerability?
Should a hacker gain entry to the SS7 system on any number of networks, or if they are used by a law enforcement agency as part of its surveillance, anyone with a mobile phone could be vulnerable.”
2014: The Guardian: Which phones do world leaders use? (src)
- Obama: “Barack Obama was the first US president to use a cell phone while in office. When he first became president, Obama was allowed to keep his Blackberry, but the NSA modified the device so he could only contact his closest advisors, according to CNN. During his last year in office, Obama was allowed to ditch the Blackberry for an iPhone, but that device also had many of its features wiped away for security reasons, including the ability to take photos, text, make calls, or play music.” (src)
- Trump: unkown, probably multiple
- “It’s still unclear what type of smartphone Trump is using as president, but the Times reported that he ditched the old Android in favor of a “secure, encrypted device” that was approved by the Secret Service.” (src)
- “The POTUS has a phone provided by the NSA. As far as I know there are a total of 11 phones like that one around.
Those phones are not a special version of commercial phones, are totally re-engineered.
As far as it is known, do not connect to the Internet, do not allow the user to install any app, allow only to make and receive calls and text messages (maybe mail, not sure).
Telecom operators servers are also configured to protect those phones against attacks that use SS7 vulnerabilities.
Now, maybe they even use other phones, I don’t know.”
- Putin: none, red landline (probably encrypted) phones only.
- “Dmitry Medvedev, who is known for his love of Apple products and became one of the first owners of an iPhone 4 when Steve Jobs gave him the still-unreleased phone in Silicon Valley.”