Editor's Note: This story was first published on August 25, 2000. Heard a strange click on your cell phone? It just might have been someone listening in. Ever seen an unknown number on your phone bill? Someone may have cloned your phone. The devices are out there. They're contraband. It's illegal to possess them, to use them, and illegal to use any of the information gained from using them. From pens used to eavesdrop on conversations to "magic boxes" for cloning cell phones, the US Secret Service has confiscated a wide array of eavesdropping gadgets. These high tech tools have been used in the latest round of scams, schemes, and underhanded shenanigans. Robert Weaver has seen most of them. He heads the New York Electronic Crimes Task Force and is the the assistant to the special agent in charge at the US Secret Service in New York. The contraptions at his offices are "confiscated equipment, representing five years of work and over eight hundred cases [with] arrests and convictions," he told "CyberCrime's" Alex Wellen. "Each one of them [that] we progressed with, we learned from." Weaver claims one device first recorded the credit card number, then the passcode from unsuspecting travelers using pay phones in "one of the largest telecommunications scams in the United States." That was one of the simpler eavesdropping devices the team has seen. Since 1995, Weaver and his crew have used the confiscated gadgets to educate and train other law enforcement agencies, along with private sector groups. Cloning, without the sheep Magic boxes and "copy cats" are two contraband items that clone mobile phones. Just plug them into a cell phone, and suddenly you can reprogram the phone to accept a stolen phone number. If that doesn't do the trick, Weaver advises, "what the bad guys do is they open it up on the back, they reprogram the chips on the inside, and they make this phone do something illegal and accept stolen information and stolen property." Weaver's collection also includes telephone plugs, pens, and power strips, all used to surreptitiously eavesdrop on conversations. One plug was a crucial piece of evidence in the Bernhart Bowitz case. "We started to focus on an individual," says Assistant US Attorney Eric Friedberg. "Bernard Bowitz market[ed] over the Internet, which was somewhat unusual at that time. Back in 1995, [he] started marketing an illegal device [to] clone cellular phones." Unlike the magic box (which stored only one stolen number), Bowitz' cell tracker could store 99 phone numbers. That's the key to fraud. "If I spread my usage over a hundred stolen telephone numbers so there's only ten stolen calls on each number," Friedberg explains, "it flies under the radar of the programs that the telephone company is running [to detect fraud]." Beyond cloning, the cell tracker could also be used to monitor other cell phone conversations or even bug a room. To do that, someone calls the phone number of the cell tracker, then dials a special code, and the phone in the room never actually rings. The phone's owner never even knows that someone's called the number, but the phone can monitor the room's conversation. Packed with features as it is, the cell tracker did not actually steal the phone numbers. "In this case," Friedberg says, "the defendant was using another peripheral device called an ESN reader." An ESN reader works by intercepting the phone's unique Electronic Serial Number, as well as its MIN (Mobile Identification Number) -- in other words, your telephone number. Normally, both numbers are authenticated at a cell tower, but with an ESN reader someone can intercept and steal the pair, in a "man-in-the-middle attack." The ESN and the MIN are then uploaded to a cloned cell phone. "If I took an ESN reader, such as the one that this defendant sold and put it on this table," Friedberg asserts, "by the end of this interview, that ESN reader would probably have captured a thousand stolen numbers." Bowitz "sold at least a dozen ESN readers to the undercover [agent], and they came with pamphlets about how you program them, how you use them to capture numbers," Friedberg says. The first email wiretap But capturing Bowitz back in 1995 called for groundbreaking investigative techniques, including the first email wiretap. "We basically made it up as we went [along]," Friedberg admits. "The Internet service provider that we were dealing with had no precedent for technically being able to do this, and they actually had to write software that would create a BBC box, like a blind carbon copy, so that anything that went in or out of the defendant's email box would be blind carbon copied to our email box that we then could access." "We did an email wiretap, court-ordered, for eighty-five days, and [got] over thirteen hundred intercepts. Twenty-four hours a day, domestically, internationally, around the world, we intercepted them here," Weaver concludes. "It proved to be very fruitful," adds Friedberg, "because we could see who else the defendant was dealing with, in terms of both the distribution of the phones stateside and the manufacture of the phones overseas." 'The most dangerous eavesdropping devices' Even though the case is five years old, the cell tracker phone and ESN reader remain two of the most dangerous eavesdropping devices smuggled into the country, according to Friedberg and Weaver. "I think now there are still very serious attacks on privacy of communications through a variety of different software and hardware," Friedberg says. "We're still seeing a lot of very intrusive illegal eavesdropping devices being marketed, both in traditional forms and over the Internet."
Heard a strange click on your cell phone? It just might have been someone listening in. Ever seen an unknown number on your phone bill? Someone may have cloned your phone.
The devices are out there. They're contraband. It's illegal to possess them, to use them, and illegal to use any of the information gained from using them. From pens used to eavesdrop on conversations to "magic boxes" for cloning cell phones, the US Secret Service has confiscated a wide array of eavesdropping gadgets. These high tech tools have been used in the latest round of scams, schemes, and underhanded shenanigans. Robert Weaver has seen most of them. He heads the New York Electronic Crimes Task Force and is the the assistant to the special agent in charge at the US Secret Service in New York. The contraptions at his offices are "confiscated equipment, representing five years of work and over eight hundred cases [with] arrests and convictions," he told "CyberCrime's" Alex Wellen. "Each one of them [that] we progressed with, we learned from." Weaver claims one device first recorded the credit card number, then the passcode from unsuspecting travelers using pay phones in "one of the largest telecommunications scams in the United States." That was one of the simpler eavesdropping devices the team has seen. Since 1995, Weaver and his crew have used the confiscated gadgets to educate and train other law enforcement agencies, along with private sector groups. Cloning, without the sheep Magic boxes and "copy cats" are two contraband items that clone mobile phones. Just plug them into a cell phone, and suddenly you can reprogram the phone to accept a stolen phone number. If that doesn't do the trick, Weaver advises, "what the bad guys do is they open it up on the back, they reprogram the chips on the inside, and they make this phone do something illegal and accept stolen information and stolen property." Weaver's collection also includes telephone plugs, pens, and power strips, all used to surreptitiously eavesdrop on conversations. One plug was a crucial piece of evidence in the Bernhart Bowitz case. "We started to focus on an individual," says Assistant US Attorney Eric Friedberg. "Bernard Bowitz market[ed] over the Internet, which was somewhat unusual at that time. Back in 1995, [he] started marketing an illegal device [to] clone cellular phones." Unlike the magic box (which stored only one stolen number), Bowitz' cell tracker could store 99 phone numbers. That's the key to fraud. "If I spread my usage over a hundred stolen telephone numbers so there's only ten stolen calls on each number," Friedberg explains, "it flies under the radar of the programs that the telephone company is running [to detect fraud]." Beyond cloning, the cell tracker could also be used to monitor other cell phone conversations or even bug a room. To do that, someone calls the phone number of the cell tracker, then dials a special code, and the phone in the room never actually rings. The phone's owner never even knows that someone's called the number, but the phone can monitor the room's conversation. Packed with features as it is, the cell tracker did not actually steal the phone numbers. "In this case," Friedberg says, "the defendant was using another peripheral device called an ESN reader." An ESN reader works by intercepting the phone's unique Electronic Serial Number, as well as its MIN (Mobile Identification Number) -- in other words, your telephone number. Normally, both numbers are authenticated at a cell tower, but with an ESN reader someone can intercept and steal the pair, in a "man-in-the-middle attack." The ESN and the MIN are then uploaded to a cloned cell phone. "If I took an ESN reader, such as the one that this defendant sold and put it on this table," Friedberg asserts, "by the end of this interview, that ESN reader would probably have captured a thousand stolen numbers." Bowitz "sold at least a dozen ESN readers to the undercover [agent], and they came with pamphlets about how you program them, how you use them to capture numbers," Friedberg says. The first email wiretap But capturing Bowitz back in 1995 called for groundbreaking investigative techniques, including the first email wiretap. "We basically made it up as we went [along]," Friedberg admits. "The Internet service provider that we were dealing with had no precedent for technically being able to do this, and they actually had to write software that would create a BBC box, like a blind carbon copy, so that anything that went in or out of the defendant's email box would be blind carbon copied to our email box that we then could access." "We did an email wiretap, court-ordered, for eighty-five days, and [got] over thirteen hundred intercepts. Twenty-four hours a day, domestically, internationally, around the world, we intercepted them here," Weaver concludes. "It proved to be very fruitful," adds Friedberg, "because we could see who else the defendant was dealing with, in terms of both the distribution of the phones stateside and the manufacture of the phones overseas." 'The most dangerous eavesdropping devices' Even though the case is five years old, the cell tracker phone and ESN reader remain two of the most dangerous eavesdropping devices smuggled into the country, according to Friedberg and Weaver. "I think now there are still very serious attacks on privacy of communications through a variety of different software and hardware," Friedberg says. "We're still seeing a lot of very intrusive illegal eavesdropping devices being marketed, both in traditional forms and over the Internet."
From pens used to eavesdrop on conversations to "magic boxes" for cloning cell phones, the US Secret Service has confiscated a wide array of eavesdropping gadgets. These high tech tools have been used in the latest round of scams, schemes, and underhanded shenanigans.
Robert Weaver has seen most of them. He heads the New York Electronic Crimes Task Force and is the the assistant to the special agent in charge at the US Secret Service in New York.
The contraptions at his offices are "confiscated equipment, representing five years of work and over eight hundred cases [with] arrests and convictions," he told "CyberCrime's" Alex Wellen. "Each one of them [that] we progressed with, we learned from."
Weaver claims one device first recorded the credit card number, then the passcode from unsuspecting travelers using pay phones in "one of the largest telecommunications scams in the United States."
That was one of the simpler eavesdropping devices the team has seen. Since 1995, Weaver and his crew have used the confiscated gadgets to educate and train other law enforcement agencies, along with private sector groups.
Cloning, without the sheep
Magic boxes and "copy cats" are two contraband items that clone mobile phones. Just plug them into a cell phone, and suddenly you can reprogram the phone to accept a stolen phone number.
If that doesn't do the trick, Weaver advises, "what the bad guys do is they open it up on the back, they reprogram the chips on the inside, and they make this phone do something illegal and accept stolen information and stolen property."
Weaver's collection also includes telephone plugs, pens, and power strips, all used to surreptitiously eavesdrop on conversations. One plug was a crucial piece of evidence in the Bernhart Bowitz case.
"We started to focus on an individual," says Assistant US Attorney Eric Friedberg. "Bernard Bowitz market[ed] over the Internet, which was somewhat unusual at that time. Back in 1995, [he] started marketing an illegal device [to] clone cellular phones."
Unlike the magic box (which stored only one stolen number), Bowitz' cell tracker could store 99 phone numbers. That's the key to fraud.
"If I spread my usage over a hundred stolen telephone numbers so there's only ten stolen calls on each number," Friedberg explains, "it flies under the radar of the programs that the telephone company is running [to detect fraud]."
Beyond cloning, the cell tracker could also be used to monitor other cell phone conversations or even bug a room. To do that, someone calls the phone number of the cell tracker, then dials a special code, and the phone in the room never actually rings. The phone's owner never even knows that someone's called the number, but the phone can monitor the room's conversation.
Packed with features as it is, the cell tracker did not actually steal the phone numbers.
"In this case," Friedberg says, "the defendant was using another peripheral device called an ESN reader."
An ESN reader works by intercepting the phone's unique Electronic Serial Number, as well as its MIN (Mobile Identification Number) -- in other words, your telephone number. Normally, both numbers are authenticated at a cell tower, but with an ESN reader someone can intercept and steal the pair, in a "man-in-the-middle attack."
The ESN and the MIN are then uploaded to a cloned cell phone.
"If I took an ESN reader, such as the one that this defendant sold and put it on this table," Friedberg asserts, "by the end of this interview, that ESN reader would probably have captured a thousand stolen numbers."
Bowitz "sold at least a dozen ESN readers to the undercover [agent], and they came with pamphlets about how you program them, how you use them to capture numbers," Friedberg says.
The first email wiretap
But capturing Bowitz back in 1995 called for groundbreaking investigative techniques, including the first email wiretap.
"We basically made it up as we went [along]," Friedberg admits. "The Internet service provider that we were dealing with had no precedent for technically being able to do this, and they actually had to write software that would create a BBC box, like a blind carbon copy, so that anything that went in or out of the defendant's email box would be blind carbon copied to our email box that we then could access."
"We did an email wiretap, court-ordered, for eighty-five days, and [got] over thirteen hundred intercepts. Twenty-four hours a day, domestically, internationally, around the world, we intercepted them here," Weaver concludes.
"It proved to be very fruitful," adds Friedberg, "because we could see who else the defendant was dealing with, in terms of both the distribution of the phones stateside and the manufacture of the phones overseas."
'The most dangerous eavesdropping devices'
Even though the case is five years old, the cell tracker phone and ESN reader remain two of the most dangerous eavesdropping devices smuggled into the country, according to Friedberg and Weaver.
"I think now there are still very serious attacks on privacy of communications through a variety of different software and hardware," Friedberg says. "We're still seeing a lot of very intrusive illegal eavesdropping devices being marketed, both in traditional forms and over the Internet."
Continued...
ADVERTISEMENT
Editor's
Note: This story was first published on August 25, 2000.
