Voicmail hacking research.

[heretek]

Hello, Phone Losers, I've been doing some research on voicmail hacking. It made the news due to a certain scandal in England, that you can get access to a person's voicemail by calling their cell phone wile emulating the caller ID of the cell phone you are trying to call. Sometimes they have a PIN set up, but there are generally no systems to stop you from brute forcing them. What is interesting, is that depending on the carrier, sometimes when you try to do this attack instead of reaching their voicemail, the call will execute as normal, and the victim's phone will say that they are calling themselves. So far I have determined that the the attack definitely works on Sprint, Virgin Mobile, and Verizon in the Los Angeles area. By the same token, it fails on T-Mobile and possibly ATT devices. I am currently recruiting volunteers to test the attack on (and the coolest part of the experiment so far has t be a deputy DA giving me permission to attack his phone) in order to come up with a more definitive list of which carriers the attack does and does not work on. What I am interested in hearing from the Phone Losers is, am I missing anything that could skew the results? For instance I know in some areas, carriers re-sell services of other carriers, would that effect the results, or would it not change them because the voicemail service is still on the carrier's network? Thanks for the help.

[rbcp]

I used to play around with voicemail hacking with caller ID spoofing, back when commercial spoofing sites had just started popping up.  This was nearly 10 years ago.  I think most of the carriers worked back then, by spoofing the number of the phone you were hacking in to.  I'm positive AT&T and T-Mobile worked, because I was regularly checking the voicemails of a couple people on those carriers.  Years later, most spoofing sites stopped allowing their users to spoof the number they were calling, I assume to curb voicemail hacking, but there was a workaround for AT&T. 

AT&T had voicemail access numbers, where you would call a number and then put in your cell phone number and PIN to listen to your messages.  But if you were calling from your own cell, you didn't have to put either of those in.  When an AT&T subscriber called into their voicemail, they were calling into one of many access numbers all over the U.S.  There were lists of these access numbers online and I'm sure they're still available somewhere.  I have no idea if AT&T still does things that way, but a few years ago that was how you got around not being able to spoof from the number you were calling.

I haven't messed with voicemails in years and no longer have a spoofing account.  If I did, I would test the major carriers for you.

[ravenmaddox]

I still have a spoofing account and can verify that AT&T and CSpire are both still susceptible to voice-mail hacking. Nowadays I generally only hack a voice-mail when I am trying to discover the owner of a phone number and/or when said person has successfully pissed me off. Which some days is easier than others.

[N01zii]

Those AT&T center voicemail addresses still work. If you have one of those "dumb phones_" on AT&T, go to your text messaging, then settings, and then Voicemail Settings. It will already have a number typed in, but you can change it.

Here's one for Troy, Michigan: 248-224-0128
And an MMS one, for texting: 312-314-9810 (Email Gateway: 121)