We wanted to alert you to a VERY interesting thing we noted today on a wireless penetration test. While conducting the test we started seeing some strange traffic from the Spotify client that actually is not good, not good at all. What we observed were packets going over the network that included the cell phone number, model of the phone and various meta data identifying the handset to include the IMEA of the handset.
This is troubling as we observed the phone looking for it's home network, as soon as we spoofed that home network the handset connected and then spewed out the information identified above. The information is going back to spotify and we have seen similar things from pre-loaded Verizon handsets as well so this is a bit concerning as that information could be used to mount very specific attacks on an individual.
We ended up with enough information to verify the following information:
1. Cell Phone Owners Name
2. IMEA of the Handset and Phone Number
3. MAC Address of the Phone when it associated to the network
4. The Model of the Phone
I am not sure why Spotify would be collecting this information but we wanted to let you know.
We may be able to reproduce this. This would be a great method for verifying somebody is inside a building or some similar attack.
No comments:
Post a Comment