I Hacked My Friend's Phone to Show How Easy It Is

I hacked Linus! (0s)

• Linus, from Linus Tech Tips, was the target of a phone hack. (2s)
• The phone hack involved intercepting phone calls and stealing two-factor authentication passcodes. (11s)
• The hack was carried out remotely without any physical contact with Linus's phone or sending him any messages. (21s)

How Steve Jobs and Steve Wozniak hacked the telephone network (59s)

• Before Apple, Steve Jobs and Steve Wozniak created an illegal device called the “blue box” that allowed users to make free long-distance phone calls. (1m3s)
• The “blue box” worked by tricking the telephone company into connecting calls for free. (1m26s)
• Jobs and Wozniak believed that their experience creating and using the “blue box” gave them the confidence and skills to eventually start Apple Computer. (1m51s)

Early history of the telephone (2m22s)

• Before the mid-1920s, most phones lacked dialing mechanisms and relied on operators to connect calls. (2m23s)
• The rotary dial telephone was introduced to automate call connections, using pulses corresponding to each digit to establish connections. (3m23s)
• The introduction of touch-tone phones, which used specific frequencies for each button, enabled control signals to be sent within the voice band, facilitating long-distance automation. (4m40s)

The kidnapping of Sheikha Latifa (7m8s)

• Sheikha Latifa, daughter of Sheikh Mohammed, the ruling emir of Dubai, claimed she was held captive and abused by her father for several years. (7m16s)
• In 2018, Latifa attempted to escape with the help of Tiina Jauhiainen and Hervé Jaubert, but was apprehended by agents sent by her father while on Jaubert's yacht. (7m24s)
• It is believed that the agents were able to locate the yacht by exploiting the SS7 network to pinpoint the captain's location. (8m7s)

How Signalling System No. 7 works (8m41s)

• SS7, introduced in 1980, is a global network used by telecommunication companies to communicate with each other, similar to how the internet uses IP addresses. (9m41s)
• One of the main uses of SS7 is roaming, which allows mobile phone users to connect to foreign networks and have their home networks verify their accounts and billing information. (8m59s)
• Initially designed as a closed network with few security concerns, the SS7 network has expanded to include over 1200 operators and 4500 networks, making it more vulnerable to security risks. (10m17s)

Why SS7 is vulnerable to hacking (11m3s)

• There are potentially thousands of ways to access SS7, including through third-party services, bribery, and hacking. (11m14s)
• A single SS7 connection can be purchased for a few thousand dollars per month. (11m27s)
• Due to global agreements between providers, accessing one trusted Global Title (GT) can grant access to all the GTs they have partnerships with. (11m44s)

How hackers gain access to phones (12m15s)

• A unique 15-digit identifier called an International Mobile Subscriber Identity (IMSI) on a SIM card is key for identification on a mobile network. (12m40s)
• Hackers can use messages like "send routing info" to collect a subscriber's IMSI. (12m55s)
• An individual's phone calls can be routed to another device without their phone ringing, even with a regular SIM card. (15m24s)

How I was able to spy on Linus’ phone (16m17s)

How hackers can intercept text messages (18m9s)

• Hackers can intercept text messages by tricking the network into thinking the target is roaming, which reroutes their messages. (18m22s)
• This allows hackers to steal one-time passwords used in two-factor authentication. (18m26s)
• It is also possible to track a target's location using SS7, which does not rely on GPS. (20m57s)

How your location can be tracked via SS7 (21m4s)

• SS7 attacks can identify a target's location by determining the cell tower the target is connected to. (21m38s)
• In 2016, researchers used SS7 to track US Congressman Ted Lieu's location. (21m58s)
• Criminals have used SS7 to intercept two-factor authentication codes and steal money from bank accounts. (24m6s)

How to protect your phone from hacking (29m3s)

• To avoid SMS interception, use alternative two-factor authentication methods like authenticator apps or hardware tokens. (29m11s)
• To prevent phone tapping, use encrypted internet-based calling services like Signal or WhatsApp. (29m21s)
• SS7 exploits represent a significant privacy intrusion with millions of abuse cases monthly. (29m32s)