Hackers are buying Nokia 1100 phones

In the process of investigating the case of postal fraud in the Netherlands, the police faced a very interesting fact - an unknown buyer gave 25,000 euros for the Nokia 1100 phone.

This budget model was released at the end of 2003 and was intended for emerging markets, including Russia. The price of the phone was less than 100 euros.

In an effort to find out why cybercriminals are willing to pay such big money for a cheap and seemingly unremarkable device, the police turned to Ultrascan Advanced Global Investigations. Ultrascan experts found out that criminals are not attracted to all Nokia 1100 devices, but only manufactured at the Nokia factory in Bochum (Germany).

This series of devices was recognized as defective due to problems in outdated software created back in 2002. The problems found make it possible to reprogram the device and intercept one-time TAN transaction codes (Transaction Authentication Number). Now many European banks are sending such codes to the client’s personal phone as SMS messages. After receiving a TAN-code, the user confirms the transfer of money, but with the help of a hacked Nokia 1100 phone, attackers can intercept a one-time password and a TAN-code, and then transfer money to their account.
')
In addition, Nokia 1100 handsets made in Bochum allow not only to intercept messages sent to other numbers. For example, in 2005, the Dutch police could not locate the subscribers who send their SMS messages from Nokia 1100 phones using standard methods. Later, the police could still prove that the message sender was in the right place at the right time, but the problem was Nokia 1100 remains.

It is interesting to note that Nokia has sold more than 200 million copies of the Nokia 1100 worldwide and models based on it, but the number of vulnerable devices is not precisely known.

More (eng.)