The Hacker’s Choice ( announced a security problem with Vodafone’s Mobile Phone Network today. Using standard consumer hardware, THC was able to access Vodafone’s internal network and customer equipment. An attacker can listen to UK Vodafone mobile phone calls.This unprecedented hack was made possible by Vodafone’s Sure Signal, a femtocell (think tiny cell tower) customers plug into their home internet connections for better cell reception.

The technical details are available at

THC purchased its femtocell from Vodafone UK and examined how the device communicated to Vodafone’s core network. They discovered that because of a flaw in how Vodafone implemented its system, it gave full access to the network to the femtocell, a device the hackers had full control of. Vodafone also used the same ‘newsys’ administrator password across all devices.

Eduart Steiner, Senior Security Researcher, explains the details :
“A Femto is linked to the Vodafone core network via your home Internet connection. The Femto uses this access to retrieve the secret key material of a Vodafone customer who wants to use the Femto.”

Vodafone says only a limited number of registered phones are allowed to access each customer’s femtocell.

Source: thc