US stalker uses mobile phone to track family

I was amazed to read that a US cellphone user has had his mobile remotely hacked by a virus to act as an off-premises extension - basically the handset operates as a remote microphone, piping all transmissions in its vicinity to a remote location.

So-called infinity bugs have used on landline phones by the security services for years, and are standard issue (or so I'm told), but turning a mobile phone into an infinity transmitter is a new twist.

According to newswire reports, Tim Kuykendall, a US man, has discovered his mobile is being used remotely by a hacker to record family conversations and take snaps for onward transmission.

Fox News says that, when Kuykendall reported the activity to his cellular carrier, he was not taken seriously.

"They said it wasn't possible; it's not happening. We've had bills that have piled up because they've downloaded some ringtones," he told Fox News.

Interesting stuff - so how's it all possible?

Reading between the lines of the story, I'd say that the hacker had either cloned the SIM of the mobile in question or, more likely, added an extra SIM to the mobile phone number.

Multi-SIM accounts on the same number are comparatively rare, but Vodafone offers them to business users in the UK, whilst a number of US carriers also offer the facility as well.

Basically when you dial one number, both phones ring until a call is picked up. The hacker sounds as though s/he has gone one step further and enabled a number of other non-standard functions on the mobile account as well.

And, of course, s/he's been helped along by the fact that a home-brew piece of malware has been loaded on the handset in question...