APN Change Detection

[MatejKovacic]

I am pretty sure we all heard story about Hacking Team being hacked and their data, including e-mails, published. Now, there is one interesting e-mail here: https://wikileaks.org/hackingteam/emails/emailid/449991

It says:

*Data transmission from mobiles: we have 2 ways here. 1) the solution is able to detect open wi-fi networks and preconfigured/saved networks­.

2) the client can buy from the Telco operator an APN. It’s not necessary to tell the Telco why.

The traffic generated by the backdoor will be automatically diverted on the new APN so that the monitored person will see nothing suspicious on his bill.*

BTW, this APN is not visible on mobile phone's APN configuration list https://wikileaks.org/hackingteam/emails/emailid/449991

on windows mobile is invisible, on symbian is invisible as well... on Blackberry it's not visible in the list

So... it seems a good idea to try to detect APN change.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

[SecUpwN]

Just tossing it in: The leaked source code of HackingTeam is available at @HackedTeam. // EDIT 02.12.2015: Maybe @tompreuss can help us adding this detection from APNSettings?

[tompreuss]

// EDIT 02.12.2015: Maybe @tompreuss can help us adding this detection from APNSettings?

Hi @SecUpwN, my APNSettings has no such feature. It just opens the Android Settings APN Settings dialog.

To do what you're thinking of doing I think you might want to look at either using android.provider.Telephony.Carriers or you might be able to do something by just checking the phone's /data/data/com.android.providers.telephony/databases/telephony.db yourself.

Also while researching I found out that as of Ice Cream Sandwich, android.permission.WRITE_APN_SETTINGS was made signatureOrSystem and therefore third-party apps can no longer use it.