
Mobile Phone Cloning Report


MOBILE PHONE CLONING

INTRODUCTION

Mobile communication has been readily available for several years, and is

major business today. It provides a valuable service to its users who are willing to pay

a considerable premium over a fixed line phone, to be able to walk and talk freely.

Because of its usefulness and the money involved in the business, it is subject to

fraud. Unfortunately, the advance of security standards has not kept pace with the

dissemination of mobile communication.

Some features of mobile communication make it an alluring target for criminals. It is a relatively new invention, so not everyone is familiar with its possibilities, good or bad. Its newness also means intense competition among mobile phone service providers as they try to attract customers. The major threat to mobile phones is cloning.

What is Cloning :

Cloning is the creation of an organism that is an exact genetic copy of another.

This means that every single bit of DNA is the same between the two.

Remember Dolly the lamb, cloned from a six-year-old ewe in 1997 by a group of researchers at the Roslin Institute in Scotland. While the debate on the ethics of cloning continues, the human race is, for the first time, faced with a more tangible and harmful version of cloning, and this time it is your cell phone that is the target. Millions of cell phone users, be it GSM or CDMA, run the risk of having their phones cloned. As a cell phone user, if you have been receiving exorbitantly high bills for calls that were never placed, chances are that your cell phone has been cloned.

AISSMS COE, COMPUTER ENGINEERING 2013 Page 1


Mobile Phone Cloning:

Cloning is the process of taking the programmed information that is stored in a

legitimate mobile phone and illegally programming the identical information into

another mobile phone. The result is that the cloned phone can make and receive calls

and the charges for those calls are billed to the legitimate subscriber. The service

provider network does not have a way to differentiate between the legitimate phone

and the cloned phone.

Phone cloning is the transfer of identity between one mobile telephone and another. Phone cloning is outlawed in the United Kingdom by the Wireless Telephone Protection Act of 1998. Usually this is done for the purpose of making fraudulent telephone calls. The bills for the calls go to the legitimate subscriber. The early 1990s were boom times for eavesdroppers. Any curious teenager with a £100 Tandy Scanner could listen in to nearly any analogue mobile phone call. As a result, Cabinet Ministers, company chiefs and celebrities routinely found their most intimate conversations published in the next day's tabloids. Cell phone cloning started with Motorola bag phones and reached its peak in the mid 90s with a commonly available modification for the Motorola brick phones, such as the Classic, the Ultra Classic, and the Model 8000.

The Economic Crimes Policy Team was chartered to advance the

Commission’s work in several areas, including the development of options for

implementing the directives contained in the Wireless Telephone Protection Act.

Specifically, this act amended 18 U.S.C. § 1029 (Fraud and related activity in

connection with access devices) with regard to the cloning of cellular telephones.

The purpose of mobile phone cloning is making fraudulent telephone calls.

The bills for the calls go to the legitimate subscriber. The cloner is also able to make

effectively anonymous calls, which attracts another group of interested users.


Fig: Cellular Phone Cloning

Cell phone cloning is a technique wherein security data from one cell phone is transferred into another phone. The other cell phone becomes an exact replica of the original cell phone, like a clone. As a result, while calls can be made from both phones, only the original is billed. Though communication channels are equipped with security algorithms, cloners get away with it with the help of loopholes in the systems. So when one gets huge bills, the chances are that the phone is being cloned.

Wireless Telephone Protection Act:

Because of increasing financial losses to the telecommunications industry and

the growing use of cloned phones in connection with other criminal activity, Congress

passed the Wireless Telephone Protection Act (WTPA) in April 1998. The legislative

history indicates that, in amending 18 U.S.C. § 1029, Congress was attempting to

address two primary concerns presented by law enforcement and the wireless

telecommunications industry.

First, law enforcement officials testified at congressional hearings that they

were having difficulty proving the “intent to defraud” element of the pre-amendment

provision regarding some equipment used to clone phones.


Although there is no legitimate reason to possess the equipment unless an

individual is employed in the telecommunications industry, the prosecution often

could not prove that the equipment was possessed with the intent to defraud.

Second, law enforcement officials often discovered cloning equipment and

cloned cellular telephones in the course of investigating other criminal activities, such

as drug trafficking and other fraud. The use of cloned phones to facilitate other crimes

increases the ability of offenders to escape detection because of the increased mobility

and anonymity afforded by the phones. Gangs and foreign terrorist groups are also

known to sell or rent cloned phones to finance their illegal activities.

With these concerns in mind, Congress amended section 1029 in 1998. The significant changes to the statute include:

• Elimination of the intent to defraud element with respect to persons who knowingly use, produce, traffic in, have custody or control of, or possess hardware (a "copycat box") or software which has been configured for altering or modifying a telecommunications instrument.

• Modification of the current definition of "scanning receiver" to ensure that the term is understood to include a device that can be used to intercept an electronic serial number, mobile identification number, or other identifier of any telecommunications service, equipment, or instrument.

• Correction of an error in the current penalty provision of 18 U.S.C. § 1029 that provided two different statutory maximum penalties (ten and 15 years) for the same offense. With respect to cellular phone cloning, the Act makes clear that a person convicted of such an offense without a prior section 1029 conviction is subject to a statutory maximum of 15 years; a person convicted of such an offense after a prior section 1029 conviction is subject to a statutory maximum of 20 years.

The cloning of a cellular telephone occurs when the account number of

a victim telephone user is stolen and reprogrammed into another cellular telephone.

Each cellular phone has a unique pair of identifying numbers: the electronic serial

number (ESN) and the mobile identification number (MIN). The ESN/MIN pair can be

cloned in a number of ways without the knowledge of the carrier or subscriber

through the use of electronic scanning devices.


After the ESN/MIN pair is captured, the cloner reprograms or alters the

microchip of any wireless phone to create a clone of the wireless phone from which

the ESN/MIN pair was stolen. The entire programming process takes ten to 15 minutes

per phone. After this process is completed, both phones (the legitimate and the clone)

are billed to the original, legitimate account.

The cellular telephone industry does not charge legitimate, victimized

customers for fraudulent calls; rather, the companies absorb the losses themselves. In

addition to losses due to fraudulent billing, the cellular companies incur losses due to

the fees paid for connections and long-distance.


LITERATURE SURVEY

History:

The early 1990s were boom times for eavesdroppers. Any curious teenager

with a £100 Tandy Scanner could listen in to nearly any analogue mobile phone call.

As a result, Cabinet Ministers, company chiefs and celebrities routinely found their

most intimate conversations published in the next day's tabloids. Mobile phone

cloning started with Motorola bag phones and reached its peak in the mid 90s with a

commonly available modification for the Motorola brick phones, such as the Classic,

the Ultra Classic, and the Model 8000.

The Cellular Telecommunications Industry Association (CTIA) estimates that financial losses due to cloning fraud are between $600 million and $900 million in the United States. Some subscribers of Reliance had to suffer because their phones were cloned. Mobile cloning is in its initial stages in India, so preventive steps should be taken by the network provider and the Government.

On April 13, 1998, the Smartcard Developer Association and the ISAAC

security research group announced a flaw in the authentication codes found in digital

GSM cell phones. This allows an attacker with physical access to a target phone to

make an exact duplicate (a "clone") and to make fraudulent calls billed to the target

user's account.

Press coverage: The Los Angeles Times; The New York Times; The Associated Press; The Wall Street Journal; USA Today; Wired News; Time daily; Time magazine; The Netly News; CNN; ABC News; Wireless Daily News; The Daily Californian.


Fig: Semi Annual Fraud Dollar Losses in U.S.

Three years later: Indications are that the GSM industry is taking steps to repair the

security weaknesses in the GSM cryptographic algorithms. A patched version of

COMP128 is now available (called COMP128-2), although it remains unpublished.

The U.S. Secret Service and the wireless telecommunications industry are

increasingly concerned about wireless fraud. First, the wireless telecommunication

industry asserts that wireless fraud has grown exponentially since its introduction into

the market. They estimate that wireless fraud costs the telecommunications industry

over $650 million per year. Second, according to the Secret Service cloned phones are

the communications medium of choice for criminals because it gives them mobile

communications and anonymity. Cloned phones are difficult to detect and trace, and

phone numbers can be changed in an instant.

Law Enforcement reports an increase in the number of cloned phones

confiscated during investigations of other offenses, such as drug distribution and

credit card fraud. There are four major types of cellular fraud: counterfeit fraud,

subscription fraud, network fraud, and call selling operations. Explanations of each

are provided below. These cellular telecommunications violations are similar to other

access device violations (e.g. credit cards) in that they involve unauthorized use


and/or access to individual accounts. The changes in 18 U.S.C. § 1029 are aimed at

counterfeit fraud, specifically, the cloning of cellular telephones.

• Counterfeit Fraud (cloning): Involves the use of illegally altered cellular phones. Offenders gain access to legitimate account number combinations and reprogram them into other handsets to gain unauthorized access to those accounts.

• Subscription Fraud: Includes schemes related to fraudulently obtaining cellular telephone accounts. These may involve employees of the cellular carrier, forgery of application information, or theft of subscriber information.

• Network Fraud: This advanced type of fraud includes efforts to exploit weaknesses in phone switch equipment and billing systems. Manipulation of current systems can result in third party billing, use of nonexistent account numbers, or the use of multiple phones on single accounts.

• Call Selling Operations: This type of fraud involves using stolen calling card numbers and/or cellular account numbers to sell less expensive cellular long distance (often international) service to others.

Fig: Cloning Statistics

Most importantly, the GSM industry appears to have at least partially learned

the important lesson here: security through obscurity doesn't work. The next-generation

replacement for GSM, called 3GPP, will use algorithms developed based

on principles from the research literature.

Note that the other major players in this arena moved some time ago to open

design processes. This includes the next-generation AES standard process being

shepherded by the US government, as well as the US cellular industry. The US

cellular industry is an interesting case study: initially they used closed design, but

after several of their cryptographic algorithms were rapidly broken by cryptographers

in the open research community, to their credit they quickly moved to an open design

process. I am glad that the GSM/3GPP industry has recognized the benefits of this

approach.

We also understand that the GSM Association has agreed to develop a new,

stronger voice encryption cipher called A5/3, apparently based on Kasumi (a block

cipher which was developed based on principles from the research literature). It will

apparently become mandatory to support A5/3 at some point in the future. I strongly

support the GSM Association's efforts to repair the ailing series of voice privacy

algorithms and provide robust voice privacy protection for the future.

Further information on cryptographic algorithms in GSM and 3GPP may be found at several web pages:

• A very nice guide to 3GPP cryptographic algorithms, from Janos A. Csirik.

• A very nice set of links to information on GSM security, from Charles Brookson.

• A survey on GSM security, from Lauri Pesonen.


Over-the-air cloning:

In our original announcement, we noted that we could not rule out the

possibility of over-the-air attacks, but we emphasized that we had not demonstrated

such an attack. At that time, we did not provide any further analysis on the resources

required to mount an over-the-air attack. There was, for obvious reasons, considerable

interest in the possibility of over-the-air attacks, and we had reason to suspect they

might be possible, but we wanted to be extremely conservative in reporting only what

we knew for certain was exploitable. That viewpoint is probably now best regarded as

outdated.

Since then, extensive conversations with many knowledgeable GSM engineers

have caused us to conclude that over-the-air attacks must be considered available to the

sophisticated attacker in practice. We still have not attempted to build a laboratory

demonstration but the GSM experts we've spoken with have confirmed that it should

be possible and practical to do so. They have reported that a number of aspects of the

GSM protocols combine to make it possible to mount the mathematical chosen-input

attack on COMP128, if one can build a fake base station. Such a fake base station

does not need to support the full GSM protocol, and it may be possible to build one

with an investment of approximately $10k.

Some technical expertise is probably required to pull off the over-the-air

cloning attack, and the attack requires over-the-air access to the target handset for a

relatively long period of time. Therefore, this may be considered a lower level of risk

than that found in old US analog systems with no authentication at all. Nonetheless,

please note that it would be a mistake to underestimate the technical sophistication or

the financial resources of some of today's attackers.


METHODOLOGY

Cell phone cloning is copying the identity of one mobile telephone to another

mobile telephone. Cell phones send radio frequency transmissions through the air on

two distinct channels, one for voice communications and the other for control signals.

Fig: SIM card

SIM stands for Subscriber Identification Module. The SIM has survived and evolved. Earlier mobiles required the entire SIM card to be inserted in them; such SIMs are called IDG-1 SIMs. In the other kind, only the small part of the card that holds the chip is inserted in the mobile; these are known as PLUG-IN SIMs. When a cellular phone makes a call, it normally transmits its Electronic Serial Number (ESN), Mobile Identification Number (MIN), its Station Class Mark (SCM) and the number called in a short burst of data. This burst is the short buzz you hear after you press the SEND button and before the tower catches the data. These four things are the components the cellular provider uses to ensure that the phone is programmed to be billed and that it also has the identity of both the customer and the phone. The MIN and ESN are collectively known as the pair, which is used for cell phone identification.

When the cell site receives the pair signal, it determines if the requester is a

legitimate registered user by comparing the requestor's pair to a cellular subscriber

list. Once the cellular telephone's pair has been recognized, the cell site emits a

control signal to permit the subscriber to place calls at will. This process, known as

Autonomous Registration, is carried out each time the telephone is turned on or picked

up by a new cell site.


Each cellular phone has a unique pair of identifying numbers: the electronic serial number (ESN) and the mobile identification number (MIN). The ESN is programmed into the wireless phone's microchip by the manufacturer at the time of production. The MIN is a ten-digit phone number that is assigned by the wireless carrier to a customer when an account is opened. The MIN can be changed by the carrier, but the ESN, by law, cannot be altered. When a cellular phone is first turned on, it emits a radio signal that broadcasts these numbers to the nearest cellular tower. The phone will continue to emit these signals at regular intervals, remaining in contact with the nearest cellular tower. These emissions (called autonomous registration) allow computers at the cellular carrier to know how to route incoming calls to that phone, to verify that the account is valid so that outgoing calls can be made, and to provide the foundation for proper billing of calls. This autonomous registration occurs whenever the phone is on, regardless of whether a call is actually in progress.

Fig: International Mobile Equipment Identifier.

IMEI is an abbreviation for International Mobile Equipment Identifier;

this is a 10 digit universally unique number of our GSM handset. I use the term

Universally Unique because there cannot be 2 mobile phones having the same

IMEI number. This is a very valuable number and used in tracking mobile

phones.


Cloning still works under the AMPS/NAMPS system, but has fallen in

popularity as older cloneable phones are more difficult to find and newer

phones have not been successfully reverse-engineered.

Cloning has been successfully demonstrated under GSM, but the process is not

easy and it currently remains in the realm of serious hobbyists and researchers.

Fig: Mobile Identification Number

MIN - The MIN (Mobile Identification Number) is simply the phone number of

the cellular telephone.

ESN - The ESN (Electronic Serial Number) is the serial number of your cellular

telephone. The ESN is transmitted to the cell site and used in conjunction with the

NAME to verify that you are a legitimate user of the cellular system.

When placing a call, the phone transmits both the ESN and the MIN to the

network. These were, however, sent in the clear, so anyone with a suitable scanner

could receive them. The eavesdropped codes would then be programmed into

another phone, effectively cloning the original subscription. Any calls made on this

cloned phone would be charged to the original customer.


WHAT IS PATAGONIA?

Patagonia is software available in the market which is used to clone CDMA phones. Using this software a cloner can take over control of a CDMA phone, i.e. clone the phone. Other software is available in the market to clone GSM phones, and it is easily available. A SIM can be cloned again and again, and the copies can be used at different places. Messages and calls sent by cloned phones can be tracked. However, if the accused also manages to clone the IMEI number of the handset, for which software is available, there is no way he can be traced.

Too many users treat their mobile phones as gadgets rather than as business assets covered by corporate security policy. There is a lucrative black market in stolen and cloned SIM cards. This is possible because SIMs are not network specific and, though tamper proof, their security is flawed. In fact, a SIM can be cloned many times and the resulting cards used in numerous phones, each feeding illegally off the same bill. But there are locking mechanisms on the cellular phones that require a PIN to access the phone. An 8 digit PIN requires approximately 50,000,000 guesses, but there may be ways for sophisticated attackers to bypass it. With the shift to GSM digital, which now covers almost the entire UK mobile sector, the phone companies assure us that the bad old days are over. Mobile phones, they say, are more secure and privacy friendly. This is not entirely true. The alleged security of GSM relies on the myth that encryption, the mathematical scrambling of our conversations, makes it impossible for anyone to intercept and understand our words, and while this claim looks good on paper, it does not stand up to scrutiny.

Usually this is done for the purpose of making fraudulent telephone calls. The bills for the calls go to the legitimate subscriber. The cloner is also able to make effectively anonymous calls, which attracts another group of interested users.


Fig: Cloning Device

Cell phones are complex electronic devices, sensitive to heat, cold and

excess moisture. But a cell phone's sensitivity isn't limited to extreme weather

conditions. Analog cell phones, as opposed to the newer digital phones, can be

cloned. This means that someone can tap into your cell phone's personal

identification number and make calls on the same account. In other words, with a

little technical know-how, someone can steal your phone number and charge the

calls made to your account.

You won't even know it's happened, until you get your phone bill. How does

cloning happen if each phone has its own unique identifying features? Whenever you

dial a number from your cell phone, the ESN (electronic serial number) and MIN

(mobile identification number) of your phone are transmitted to the network,

identifying the cell phone dialed from and who to bill. Some people, who work in the

way that computer hackers operate, can use a scanner to listen in to this transmission

and capture the code. They can then use the information they gather to make calls that

are then charged to the account of the phone number they have in effect broken into.


IMPLEMENTATION

GSM:

Global System for Mobile Communications. A digital cellular phone technology based on TDMA. GSM phones use a Subscriber Identity Module (SIM) card that contains user account information. Any GSM phone becomes immediately programmed after plugging in the SIM card, thus allowing GSM phones to be easily rented or borrowed. Operators who provide GSM service are Airtel, Hutch etc.

Looking at the recent case, it is quite possible to clone both GSM and CDMA sets. The accused in the Delhi case used software called Patagonia to clone only CDMA phones (Reliance and Tata Indicom). However, there are software packages that can be used to clone even GSM phones (e.g. Airtel, BSNL, Hutch, Idea). In order to clone a GSM phone, knowledge of the International Mobile Equipment Identity (IMEI) or instrument number is sufficient. But the GSM-based operators maintain that the fraud is happening on CDMA, for now, and so their subscribers wouldn't need to worry. Operators in other countries have deployed various technologies to tackle this menace. They are:

1) There's the duplicate detection method where the network sees the same

phone in several places at the same time. Reactions include shutting them all off, so

that the real customer will contact the operator because he has lost the service he is

paying for.

2) Velocity trap is another test to check the situation, whereby the mobile

phone seems to be moving at impossible or most unlikely speeds. For example, if a

call is first made in Delhi, and five minutes later, another call is made but this time in

Chennai, there must be two phones with the same identity on the network.

3) Some operators also use Radio Frequency fingerprinting, originally a

military technology. Even identical radio equipment has a distinguishing fingerprint,

so the network software stores and compares fingerprints for all the phones that it

sees.


This way, it will spot the clones with the same identity but different fingerprints. Usage profiling is another way, wherein profiles of customers' phone usage are kept, and when discrepancies are noticed, the customer is contacted. For example, if a customer normally makes only local network calls but is suddenly placing calls to foreign countries for hours of airtime, it indicates a possible clone.
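The duplicate detection and velocity trap checks described above can be run over call records as in the following added example, which is not part of the original report. The cell-site ids, coordinates, subscriber numbers, speed limit and minimum distance are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt
from typing import NamedTuple, Optional

# Constructed cell-site table: site id -> (latitude, longitude). Ids are hypothetical.
CELL_SITES = {
    "DEL-014": (28.6139, 77.2090),  # Delhi
    "DEL-027": (28.5355, 77.3910),  # roughly 20 km from DEL-014
    "MAA-003": (13.0827, 80.2707),  # Chennai
}

MAX_PLAUSIBLE_KMH = 900.0  # assumption: nothing moves faster than a commercial flight
MIN_DISTANCE_KM = 50.0     # assumption: ignore neighbouring cells (handover, overlap)


@dataclass(frozen=True)
class CallRecord:
    identity: str       # identity the network bills, e.g. the MIN
    start: datetime
    duration_s: int
    cell: str

    @property
    def end(self):
        return self.start + timedelta(seconds=self.duration_s)


class CloneAlert(NamedTuple):
    identity: str
    kind: str                 # "duplicate" or "velocity"
    first_cell: str
    second_cell: str
    implied_kmh: Optional[int]


def haversine_km(a, b):
    """Great-circle distance between two (lat, lon) points in kilometres."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))


def find_clone_alerts(records):
    """Compare consecutive calls of each identity.

    duplicate: two distant cells see the identity at overlapping times.
    velocity:  the gap between calls implies an impossible travel speed.
    """
    by_identity = {}
    for rec in sorted(records, key=lambda r: r.start):
        by_identity.setdefault(rec.identity, []).append(rec)

    alerts = []
    for identity, calls in by_identity.items():
        for prev, cur in zip(calls, calls[1:]):
            distance = haversine_km(CELL_SITES[prev.cell], CELL_SITES[cur.cell])
            if distance < MIN_DISTANCE_KM:
                continue
            gap_hours = (cur.start - prev.end).total_seconds() / 3600
            if gap_hours <= 0:
                alerts.append(CloneAlert(identity, "duplicate", prev.cell, cur.cell, None))
            elif distance / gap_hours > MAX_PLAUSIBLE_KMH:
                speed = round(distance / gap_hours)
                alerts.append(CloneAlert(identity, "velocity", prev.cell, cur.cell, speed))
    return alerts


# Constructed call records for three subscribers.
DAY = datetime(2013, 3, 1)
SAMPLE_RECORDS = [
    # Delhi, then Chennai five minutes later: the report's velocity-trap case.
    CallRecord("9810000001", DAY.replace(hour=10, minute=0), 120, "DEL-014"),
    CallRecord("9810000001", DAY.replace(hour=10, minute=5), 60, "MAA-003"),
    # Ordinary movement between two nearby cells: no alert.
    CallRecord("9810000002", DAY.replace(hour=9, minute=0), 300, "DEL-014"),
    CallRecord("9810000002", DAY.replace(hour=9, minute=40), 90, "DEL-027"),
    # Calls in progress in two cities at once: duplicate detection.
    CallRecord("9810000003", DAY.replace(hour=11, minute=0), 600, "DEL-014"),
    CallRecord("9810000003", DAY.replace(hour=11, minute=3), 60, "MAA-003"),
]

if __name__ == "__main__":
    for alert in find_clone_alerts(SAMPLE_RECORDS):
        print(alert)
```

An alert only says that two phones share an identity; it does not say which one is genuine, which is why the report notes that operators may shut all of them off and wait for the real customer to call.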

CDMA:

Code Division Multiple Access. A method for transmitting simultaneous

signals over a shared portion of the spectrum. There is no Subscriber Identity Module

(SIM) card, unlike in GSM. Operators who provide CDMA service in India are

Reliance and Tata Indicom.

The answer is yes. In spite of this, the security functions which prevent

eavesdropping and unauthorized users are emphasized by the mobile phone

companies. The existing mobile communication networks are not safer than the fixed

telephone networks. They only offer protection against the new forms of abuse

computer.

The cloning of a cell phone allows the holder of the cloned phone to appear to

be calling from the original phone so that any call charges are applied to the owner of

the original phone. Since 1998 the Federal Communication Commission has made

"the use, possession, manufacture or sale of cloning hardware or software" illegal.

Electronic Serial Number: Each phone has an electronic serial number unique

to that specific handset. Use of ESNs allows cellular radio networks to identify

phones. When a phone connects to a network, the network can route calls and data

consistently and reliably to the right device.

Mobile Identifier Number: A mobile identifier number is a phone number. It

works across networks and international calling areas to specifically route calls and

data to a particular phone. Since MINs can be transferred from one network to

another, the MIN has to be identified with the ESN to create the network connection

to the specific phone number.


SECURITY FUNCTIONS OF THE GSM AND CDMA

As background to a better understanding of the attacks on the GSM and CDMA networks, the following gives a brief introduction to the security functions available in GSM. The following functions exist:

• Access control by means of a personal smart card (called subscriber identity module, SIM) and PIN (personal identification number).

• Authentication of the users towards the network carrier and generation of a session key in order to prevent abuse.

• Encryption of communication on the radio interface, i.e. between mobile station and base station.

• Concealing the users' identity on the radio interface, i.e. a temporary valid identity code (TMSI) is used for the identification of a mobile user instead of the IMSI.
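The difference between the subscriber-list check on a transmitted ESN/MIN pair and the authentication function listed above is shown in this added example, which is not code from the original report or from any operator. HMAC-SHA256 stands in for the SIM's authentication algorithm (it is not COMP128), and all identities and keys are constructed.

```python
import hashlib
import hmac
import secrets


class StaticPairNetwork:
    """Analogue-style admission: the transmitted ESN/MIN pair is the whole credential."""

    def __init__(self, subscriber_list):
        self.subscriber_list = set(subscriber_list)

    def admit(self, esn, min_):
        return (esn, min_) in self.subscriber_list


def sim_algorithm(secret_key, challenge):
    """Stand-in for the SIM's algorithm: returns (4-byte response, 8-byte session key)."""
    digest = hmac.new(secret_key, challenge, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class Sim:
    """Subscriber smart card: the secret key is used on the card, never transmitted."""

    def __init__(self, identity, secret_key):
        self.identity = identity
        self._secret_key = secret_key

    def answer(self, challenge):
        return sim_algorithm(self._secret_key, challenge)


class ChallengeResponseNetwork:
    """Network side: a fresh random challenge per attempt, valid for one answer only."""

    def __init__(self, subscriber_keys):
        self.subscriber_keys = dict(subscriber_keys)
        self.outstanding = {}

    def challenge(self, identity):
        rand = secrets.token_bytes(16)
        self.outstanding[identity] = rand
        return rand

    def admit(self, identity, response):
        """Return the session key on success, None on failure."""
        rand = self.outstanding.pop(identity, None)
        key = self.subscriber_keys.get(identity)
        if rand is None or key is None:
            return None
        expected, session_key = sim_algorithm(key, rand)
        return session_key if hmac.compare_digest(expected, response) else None


def replay_static_pair():
    """A pair overheard on the air is accepted exactly like the genuine phone."""
    network = StaticPairNetwork([("ESN-82A1F0C4", "9810000001")])  # constructed pair
    overheard = ("ESN-82A1F0C4", "9810000001")
    return network.admit(*overheard)


def replay_recorded_response():
    """Return (genuine SIM admitted with matching session key, replayed answer admitted)."""
    key = bytes(range(16))                        # constructed subscriber key
    sim = Sim("IMSI-SAMPLE-0001", key)            # constructed identity
    network = ChallengeResponseNetwork({sim.identity: key})

    # Genuine registration: everything sent over the air is identity, rand, response.
    rand = network.challenge(sim.identity)
    response, phone_session_key = sim.answer(rand)
    genuine_ok = network.admit(sim.identity, response) == phone_session_key

    # A later attempt gets a new challenge, so the recorded response no longer fits.
    network.challenge(sim.identity)
    replay_ok = network.admit(sim.identity, response) is not None
    return genuine_ok, replay_ok


if __name__ == "__main__":
    print("static pair replay admitted:", replay_static_pair())
    print("challenge-response (genuine, replay):", replay_recorded_response())
```

The protection holds only while the key stays on the card, which is why the COMP128 flaw discussed earlier in the report mattered: a recovered key answers every challenge correctly.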

WHAT ARE ESN AND PIN?

ESN means Electronic Serial Number. This number is loaded when the phone is manufactured. This number cannot be tampered with or changed by the user or subscriber. If this number is known, a mobile can be cloned easily.

Personal Identification Number (PIN): every service provider gives a Personal Identification Number (PIN) to its user. This is a unique number. If the PIN and ESN are known, a mobile phone can be cloned in seconds using software such as Patagonia, which is used to clone CDMA phones.


Fig: Cellular cloning.

After that write the serial number down along with your phone number and

area code. Next on the phone that does not have service do the same exact steps to get

to the secret menu and then go to the serial number clear the number that’s already in

there and input the serial number of the phone that has service. Then you have to find

your code to be able to change your number (For Nokia phones the secret menu is

*3001#12345#, and the number changer is #639#).

Cloning involved modifying or replacing the EPROM in the phone with a new chip which would allow you to configure an ESN (Electronic Serial Number) via software. You would also have to change the MIN (Mobile Identification Number).


When you had successfully changed the ESN/MIN pair, your phone was an effective clone of the other phone. Cloning required access to ESN and MIN pairs. ESN/MIN pairs were discovered in several ways:

• Sniffing the cellular

• Trashing cellular companies or cellular resellers

• Hacking cellular companies or cellular resellers

Cloning still works under the AMPS/NAMPS system, but has fallen in popularity as older clonable phones are more difficult to find and newer phones have not been successfully reverse-engineered.

Cloning has been successfully demonstrated under GSM, but the process is not easy and it currently remains in the realm of serious hobbyists and researchers.
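The difference between a static ESN/MIN pair and the GSM authentication and session-key function listed earlier can be shown in a short model. This is an added illustration, not part of the original report; the class names, sample identifiers and the use of HMAC-SHA256 in place of the operator's A3/A8 algorithms are assumptions made so the example runs.

```python
import hashlib
import hmac
import secrets

# Stand-in for the operator-specific A3/A8 algorithms (assumption: HMAC-SHA256,
# chosen only so the example runs; it is not what a real SIM computes).
def a3_a8(ki: bytes, rand: bytes) -> tuple[bytes, bytes]:
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]   # (32-bit SRES, 64-bit session key Kc)

class AmpsStyleNetwork:
    """Accepts a handset if the static ESN/MIN pair it sends is on file."""
    def __init__(self, subscribers):
        self.subscribers = set(subscribers)
    def register(self, esn: str, min_: str) -> bool:
        return (esn, min_) in self.subscribers

class GsmStyleNetwork:
    """Challenge-response: the secret Ki never crosses the radio interface."""
    def __init__(self, ki_by_imsi):
        self.ki_by_imsi = dict(ki_by_imsi)
        self.pending = {}
    def challenge(self, imsi: str) -> bytes:
        rand = secrets.token_bytes(16)          # fresh 128-bit RAND per attempt
        self.pending[imsi] = rand
        return rand
    def verify(self, imsi: str, sres: bytes) -> bool:
        rand = self.pending.pop(imsi, None)     # each challenge is single-use
        if rand is None:
            return False
        expected, _kc = a3_a8(self.ki_by_imsi[imsi], rand)
        return hmac.compare_digest(expected, sres)

def demo() -> dict:
    # Constructed sample identifiers and key, not real subscriber data.
    esn, min_, imsi = "ESN-0001", "MIN-5550100", "IMSI-TEST-1"
    ki = bytes(range(16))
    amps = AmpsStyleNetwork([(esn, min_)])
    gsm = GsmStyleNetwork({imsi: ki})
    # Legitimate GSM handset answers a challenge; the exchange is observable.
    rand1 = gsm.challenge(imsi)
    sres1, _ = a3_a8(ki, rand1)
    legit_ok = gsm.verify(imsi, sres1)
    # Presenting previously observed values a second time:
    amps_replay_ok = amps.register(esn, min_)   # static pair is accepted again
    gsm.challenge(imsi)                         # network issues a new RAND
    gsm_replay_ok = gsm.verify(imsi, sres1)     # old SRES no longer matches
    return {"legit": legit_ok, "amps_replay": amps_replay_ok,
            "gsm_replay": gsm_replay_ok}
```

The static pair authenticates whoever presents it, while the recorded SRES is useless against a fresh RAND because the response depends on the key Ki held only by the SIM and the network.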


ADVANTAGES AND DISADVANTAGES

ADVANTAGES

• If your phone has been lost, you can use your cloned cell phone.

• If your phone is damaged, or you forgot it at home or at any other place, a cloned phone can be useful.

DISADVANTAGES

• It can be used by terrorists for criminal activities.

• It can be used by the cloner for fraudulent calls.

• It can be used for illegal money transfer.


FUTURE SCOPE

Resolving subscriber fraud can be a long and difficult process for the victim. It may take time to discover that subscriber fraud has occurred and an even longer time to prove that you did not incur the debts. As described in this article, there are many ways to abuse telecommunication systems, and to prevent abuse from occurring it is absolutely necessary to examine the weaknesses and vulnerabilities of existing telecom systems. If it is planned to invest in new telecom equipment, a security plan should be made and the system tested before being implemented. It is therefore mandatory to keep in mind that a technique which is described as safe today can be the most insecure technique in the future.


CONCLUSION

Presently the cellular phone industry relies on common law (fraud and theft) and in-house countermeasures to address cellular phone fraud. Mobile cloning is in its initial stages in India, so preventive steps should be taken by the network provider and the Government. The enactment of legislation to prosecute crimes related to cellular phones is not viewed as a priority, however. It is essential that intended mobile crime legislation be comprehensive enough to incorporate cellular phone fraud, in particular "cloning fraud", as a specific crime.

Existing cellular systems have a number of potential weaknesses that were considered. It is crucial that businesses and staff take mobile phone security seriously. Awareness and a few sensible precautions as part of the overall enterprise security policy will deter all but the most sophisticated criminal. It is also mandatory to keep in mind that a technique which is described as safe today can be the most insecure technique in the future. Therefore it is absolutely important to check the function of a security system once a year and, if necessary, update or replace it. Finally, cell phones have to go a long way in security before they can be used in critical applications like m-commerce.
