Three researchers have shown that using thousands of infected phones could trigger automated DDoS attacks, and drop the US emergency telephone system "for days".
The theoretical attack uses a malware (malware) που καλύπτει το International Mobile Subscriber Identity ενός τηλεφώνου (IMSI). Το κακόβουλο λογισμικό δείχνει μόνο τον αριθμό International Mobile Station Equipment Identity (IMSEI), ο οποίος κρύβει την προέλευση των attacks and does not allow the device to be recognized and added to a blacklist.
Researchers Mordechai Guri, Yisroel Mirsky and Yuval Elovici from Ben-Gurion University report that malicious software could make calls without the owners of the device knowing it.
So at 911 DDoS: Threat, Analysis and Mitigation [PDF] report that with 6.000 infected smartphones they could block a local US emergency call system (911).
"A rootkit that is placed within the firmware baseband of a mobile phone can also cover random cellular identifiers, creating a device that has no real recognition within the mobile network."
"Such anonymous phones can make repeated emergency calls and cannot be blocked from the network or emergency call centers, technically or legally."
So, according to 200.000 researchers, infected devices could drop emergency services across the US.
