CreepyDOL And F-BOMB - Mobile Spying Network With Raspberry Pi
If you our constant reader you probably see that we at jammer-store.com try to highlight and describe the most urgent problems with personal security and privacy protection, and that post is actually about that. In that post we would like to show you how weak our privacy is and how is it can be breached. That's the main reason why we always say that wireless data transmission standards are really vulnerable and they are not suitable for work with personal information.
Brendan O'Connor, American specialist at IT security have showed his research at BlackHat USA 2013 conference at Las Vegas. He has created CreepyDOL (Creepy Distributed Object Locator) – a special app and a firmware that works with F-BOMB (Falling/Ballistically-launched Object that Makes Backdoors). That F-BOMB is a really dangerous device that is based on Raspberry Pi, the tiny portable minicomputer.
Why is it dangerous? First of all using that device an evildoer will be able to create a whole network of devices that steal Wi-Fi traffic. Wi-Fi is rather vulnerable as it is, but with F-BOMB and CreepyDOL, it becomes even more dangerous. And what's the most important – such a device is extremely cheap, and you can get all the needed components on the Internet for just around $55-60.
F-BOMB is built on ARM central processor unit with 700 MHz clock frequency. Also it has 256 MB of RAM memory and two Wi-Fi controllers. As we've already mentioned those devices simply steal Wi-Fi traffic and gathers user's personal information. It is also rather small and that's why it is easy to hide in any public place. You can link a couple of those CreepyDOLs into a network and they will share data between them.
The main problem here is the fact that any smartphone has vulnerabilities and they send lot's of personal data unencrypted. That fact makes intercepting Wi-Fi traffic really dangerous. Also, it is possible to track any users in the F-BOMB's network range, you just need to know the victim's MAC address.
Unfortunately, VPN is not an option here to. For example, to create a VPN tunnel on iOS device you have to connect Wi-Fi network first, and configure VPN. In that time iPhone will already get a couple of updates, get messages from your Facebook account and sync your files with Dropbox. We have to mention that iOS sends all that data unencrypted.
Brendan O'Connor said that the goal of his project was not to create a spying device, but to show people that they can be tracked mot only by the government with billions of dollars behind them, but with an ordinary guy, that has ~$500 and will get 10 F-BOMBs too. So the security of your personal information is your primary objective here.
But what too do about that new way of stealing personal data? Its is almost impossible to avoid using wireless networks in a modern world. But we may help. First of all you should avoid mobile banking apps, see our rules of safe mobile banking and you will learn why. The next step will be is to avoid social networks, at least do not access those in public places and what's the most important – avoid public Wi-Fi hotspots, those are dangerous because you don't know that exactly do you connect: a simple Wi-Fi router or a hacker's laptop.
But if you want to be sure in the safety of your data – get a Wi-Fi signal jamming device. It will block any 2,4 GHz devices around you, including F-BOMB. Stay safe!