Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Sunday November 06 2016, @10:07AM   Printer-friendly
from the still-at-that-irresponsible-age dept.

Fortune reports:

[18 year old] Meetkumar Hiteshbhai Desai was arrested[PDF] by the Cyber Crimes Unit of the Maricopa County Sheriff's Office, after he shared [with his 12,000 Twitter followers] a link to a JavaScript exploit that forced iPhones to call 911 repeatedly. The link was clicked 1,849 times, triggering over 100 "hangup calls" to the 911 dispatch center in Surprise, Arizona, within a matter of minutes. The Maricopa [Sheriff's] Office says that put the center in "immediate danger of losing service to their switches".

Large volumes of fraudulent calls were also directed to the Peoria, Arizona police department and to the Maricopa County [Sheriff's] office, also threatening 911 service in those areas. Other fake calls were also reportedly directed to agencies in California and Texas.

Desai has been charged with 3 felony counts of computer tampering, though he told the [Sheriff's] office that he distributed the exploit accidentally. Desai told investigators in part that he was researching bugs to turn over to Apple as part of its bug bounty program, announced at the Black Hat conference this summer.

Desai told investigators that while working to exploit a bug discovered by an acquaintance online, he developed two versions of the malicious JavaScript code--one that opened popups and executed other annoying commands on a phone that accessed it, and another that commanded the phones to repeatedly dial 911. He told investigators that he had intended to share the less-malicious version of the exploit as a kind of prank, but accidentally shared the 911-dialing version instead.

[...] Researchers demonstrated in September that only 6,000 phones affected by a similar hack could cause major disruptions to 911 services across a mid-sized U.S. state. 911 systems are particularly vulnerable because the FCC requires that mobile 911 calls be exempted from certain kinds of service filtering. Some forms of malware can even generate audio content with the calls, making it very difficult for call centers to distinguish between legitimate and fraudulent calls.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Monday November 07 2016, @03:49PM

    by Anonymous Coward on Monday November 07 2016, @03:49PM (#423543)

    of the Maricopa County Sheriff's Office,

    Tells you everything you need to know. Sherriff Joe (SS Oberführer, Reichsfuhrer promotee) Arpaio, head of the Arizona Gestapo overseeing the most elite Cyber Crimes unit of a county sherriff's department. Anything else in the article is irrelevant. (And forget about the whole notion of Apple or any other smartphone manufacturer actually ALLOWING a javascript to dial numbers. But, you see, Cupertino is a little out of Sheriff Joe's authoritah, er, jurisdiction.)