• 

Details

Created on Thursday, 31 July 2014 04:00

So, after listening to a Rapid 7 webinar today I got the idea to packet capture everything going between my smartphone and my local wifi router.

As expected, such things as Google, Facebook, and Skype are fully encrpyted, but there were a few apps that (unexpectedly) were not.

Why does this matter? Well, it takes a little bit of explaining but it's fairly simple:

Scenario

You are at Tim Hortons, getting some lunch, and you connect your smartphone to the WiFi network. A few notifications pop up but you ignore them. You check your Facebook, Tweet how you are loving your "Double, double" then see you have a message from your phone company. Your bill is due today! You decide to make a call from your RingCentral VOIP App on your smartphone (readily available for Android/iPhone), to make a credit card payment and avoid those late fees. After you finish the call, you enjoy your coffee and then head back to work to finish your day. 

A week passes and (if you're really lucky) you get an unexpected call on your phone. Your credit card agency is calling because you have spent thousands of dollars in the last few days on itunes and they're not sure if the charges are valid.

What happened?

How did your credit card get stolen?

 When you connected to that Tim Hortons public Wifi, did you see that little thing where it said "you're on an unencrypted network and your traffic may be visible." No? Well when you made the ringcentral call to pay your Bell bill, there was an indentity thief capturing all the clear-text traffic on the network from their car outside.. Ringcentral does not encrpyt their voip communications and it can be easily intercepted as I demonstrate in the following video:

 Now this is not limited to just this app. Instagram, Tinder, and many other apps are affected as well.