Want to hack into a GSM network? All you need is open source software and less than $1500 worth of gear.
That's according to Chris Paget, who demonstrated the hack at the Defcon conference at Las Vegas in August, using two antennas to spoof AT&T and T-Mobile base stations, connecting dozens of cellphones in the room.
Paget's is not the first "IMSI catcher" - police and security bodies around the world use expensive commercial systems to tap into GSM networks. However, his hack using low-cost gear illustrates that 2G GSM networks are now vulnerable to a broad range of attacks
"GSM is broken - it's just plain broken," Paget declared.
The GSM Association disagreed, saying that any eavesdropper would have difficulty targeting a specific user and that the interception only works within a certain range.