If you're having reception issues or dropped calls at your home or office, Verizon Wireless (and other carriers) might recommend you pick up a femtocell. This is a small device that plugs into your router and acts like a miniature cell tower. However, a pair of security researchers have revealed how they managed to use that same device to snoop on phone calls and other communications.

When you plug a femtocell into your internet connection, it doesn't connect only to your phone. It can provide cellular access to any compatible phone nearby. If the femtocell offers a better signal, most phones will hop on it instead of the regular tower. A person could be connected to the femtocell and not even realize it, thus giving a malicious individual the opportunity to intercept data surreptitiously. With a mobile broadband connection and power source, a compromised femtocell could be take to a public space and used to record many individuals' activities. The device could even be outfitted with a higher power antenna to get more phones to connect.

After identifying the vulnerabilities, and recording all the phone calls and messages sent through it, the researchers went to Verizon. A fix was developed after Verizon was alerted to the issue, but it wasn't an easy hole to patch. While the vulnerability demonstrated here is fixed, there could be many other bugs that allow similar attacks. Given enough time, someone with mayhem in mind will find them, and then we're all going to have a headache to deal with.

[Reuters]