CreepyDOL And F-BOMB - Mobile Spying Network With Raspberry Pi
If you our constant reader you probably see that we at jammer-store.com try to highlight and describe the most urgent problems with personal security and privacy protection, and that post is actually about that. In that post we would like to show you how weak our privacy is and how is it can be breached. That's the main reason why we always say that wireless data transmission standards are really vulnerable and they are not suitable for work with personal information.
Brendan O'Connor, an American specialist at IT security has shown his research at BlackHat USA 2013 conference at Las Vegas. He has created CreepyDOL – a particular app and firmware that works with F-BOMB (Falling/Ballistically-launched Object that Makes Backdoors). That F-BOMB is a hazardous device that is based on Raspberry Pi, the tiny portable minicomputer.
What is so dangerous?
Why is it dangerous? First of all using that device an evildoer will be able to create a whole network of devices that steal Wi-Fi traffic. Wi-Fi is rather vulnerable as it is, but with F-BOMB and CreepyDOL, it becomes even more dangerous. And what's most important – such a device is extremely cheap, and you can get all the needed components on the Internet for just around $55-60.
What is F-BOMB?
F-BOMB is built on ARM central processor unit with 700 MHz clock frequency. Also, it has 256 MB of RAM memory and two Wi-Fi switches. As we've already mentioned, those devices steal Wi-Fi traffic and gather user's personal information. It is also rather small, and that's why it is easy to hide in any public place. You can link a couple of those CreepyDOLs into a network and they will share data between them.
The main problem here is the fact that any phone has vulnerabilities, and they send lots of personal data unencrypted. That fact makes intercepting Wi-Fi traffic really dangerous. Also, it is possible to track any users in the F-BOMB's network range. You just need to know the victim's MAC address.
Unfortunately, VPN is not an option here to. For example, to create a VPN tunnel on iOS device, you have to connect Wi-Fi network first, and configure VPN. In that time iPhone will already get a couple of updates, get texts from your Facebook account and sync your files with Dropbox. We have to mention that iOS sends all that data unencrypted.
Brendan O'Connor said that the goal of his project was not to create a spying device but to show people that they can be tracked mot only by the country with billions of dollars behind them but with an ordinary guy that has ~$500 and will get 10 F-BOMBs too. So the security of your personal information is your primary objective here.
Signal jamming devices
But what to do about that new way of stealing personal data? Its is almost impossible to avoid using wireless networks in the modern world. But we may help. First of all you should avoid mobile banking apps, see our rules of safe mobile banking and you will learn why. The next step will be is to avoid social networks, at least do not to access those in public places and what's most important – avoid public Wi-Fi hotspots, those are dangerous because you don't know that exactly do you connect: a simple Wi-Fi router or a hacker's laptop.
But if you want to be sure in the safety of your data – get a Wi-Fi signal-jamming device. It will block any 2,4 GHz devices around you, including F-BOMB. Stay safe!