PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Hack Turns Verizon Femtocell Into Spy Tool

Chloe Albanesius
 & Chloe Albanesius Executive Editor, News

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

A pair of researchers this week revealed a vulnerability within Verizon Wireless femtocells that allowed hackers to spy on the carrier's customers.

Tom Ritter and Doug DePerry from iSEC Partners told Reuters that the glitch within the femtocells, which boost wireless signals in areas with poor reception, allowed for spying on text messages, photos, and phone calls.

A software update rolled out by Verizon fixed the issue uncovered by iSEC, but the duo said that talented hackers could find ways to further breach the femtocells, according to Reuters, including those offered by other carriers.

In a statement, Verizon Wireless said it routinely monitors its devices for security issues, but is sometimes approached by third parties that have uncovered other security issues. iSEC "identified an issue that was fixed in March of this year on all Network Extender devices," the company said. "The fix prevents the Network Extender from being compromised in the same manner. There were no reports of any customer impact."

"The Verizon Wireless Network Extender remains a very secure and effective solution for our customers," the company continued. "Our engineers and security experts designed the Network Extender to offer the best balance of customer experience with the strongest device and network security while still protecting the safety and wireless experience of other wireless users within the coverage area for the device. We continue to proactively work to protect the Network Extender from any new, real threats if they are discovered."

Ritter and DePerry demonstrated the flaw to Reuters using an Android device and an iPhone. They declined to elaborate on how it worked so as not to embolden hackers. The duo will present their findings at the upcoming Black Hat and Defcon conferences.

iSEC did not immediately respond to a request for comment.

About Our Expert

Chloe Albanesius

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio