Article Lead Image

Snoopsnitch tells you if you’re phone is being infiltrated

Mobile surveillance is a reality, and this apps wants to help you deal with it.


AJ Dellinger


Posted on Dec 31, 2014   Updated on May 29, 2021, 9:11 pm CDT

Unbeknownst to you, your phone may be leaking data. But there’s a fix: Security Research Labs, a security firm that specializes in mobile communication, has developed an app that plugs the holes data is coming from.

SnoopSnitch, which debuted at Chaos Communication Congress 31c3 in Hamburg, Germany, is Security Research Labs’ answer to the ever-increasing attacks on mobile users. The app—available for select, rooted Android devices—is designed to alert users of surveillance attacks that would otherwise go unnoticed.

“SnoopSnitch looks at raw network data, which is not usually accessible on a phone. The app extracts this data from the phone’s radio chip (baseband) and then analyzes it for common abuse patterns,” Karsten Nohl, Chief Scientist at Security Research Labs, told us.

He explained some of the types of patterns that SnoopSnitch can spot. “Patterns include stealthy SMS that are delivered to the phone without notifying the user; IMSI catcher, which track a user’s locations and intercept their calls and SMS; and SS7 attacks, in which a user is tracked or spied on from a remote location.”

The jargon can be difficult to parse, but the threat is very real. The SS7 protocol that Nohl mentioned was of particular emphasis at the security conference where he unveiled SnoopSnitch.

The protocol, which is used by carriers to route calls and texts, is particularly vulnerable to attack. The Washington Post reported that SS7 exploits could be used to track movements of cell phone users from anywhere in the world with a 70 percent success rate. German researchers recently discovered that security flaws in the protocol could allow anyone to listen to private calls and intercept texts.

“Phone attacks are increasing in frequency,” Nohl said. He noted that “attacks of the type SnoopSnitch detects are often targeted and would not affect a large number of users—at least in Western countries,” but warned, “The more the attacks get automated, the wider they can be abused, though, especially in regimes that spy on their own citizens.”

For the time being, SnoopSnitch is only available for a limited group of devices. The app is compatible with rooted devices powered by a Qualcomm chipset and running stock Android 4.1 or higher.

“We’ll slowly grow the supported phone base,” Nohl promises. “Root-access will still be needed in most cases, unless the phone vendor opens an alternative channel to access the raw data.”

Lest you think the problem is Android specific, Apple users aren’t safe from similar attach. “Apple’s help is needed to bring a mobile defense tool to iOS. Attacks are happening against iPhones just the same as against all other phones,” Nohl said. 

Photo via gerlos/Flickr (CC By-Sa 2.0)

Share this article
*First Published: Dec 31, 2014, 9:30 am CST