EE and Three's voicemail systems hacked using number-cloning trick
With the phone hacking scandal still playing out in the courts, it should be safe to assume that UK mobile operators have put measures in place protect customers' own voicemail inboxes. Unfortunately, that's only half true. We know thanks to an investigation by The Register, which showed that two of the big four carriers had neglected to close a loophole that allows nefarious third-parties to spoof a customer's phone number and immediately gain access to their voicemails. Those two companies? EE and Three.
Armed with a target's phone number and VoIP calling system, researchers were able to trick both carriers' voicemail systems into believing a call originated from one of their SIMs. Attempts to hack into Vodafone and O2, however, were unsuccessful. Vodafone blocked attempts with PIN requests, while O2's systems always timed out. When pressed about the issue, Three simply pointed to the voicemail security pages on its website and warned users to set a PIN (which isn't enforced by default). EE immediately set about fixing the flaw and sent out an announcement just a few hours later telling customers it had "patched the issues raised in the article." The company said it also plans to run "a full review of all [its] voicemail platforms," to head off any future issues.