Freyja Burch
Electronic ankle monitors are designed to keep people under close surveillance, but they are not foolproof. In 2015, security researcher William Turner, also known as Amm0nRa, demonstrated how to hack a tracking ankle bracelet manufactured by GWG International. By placing the device in a Faraday cage, Turner was able to block the real telecom signal and trick the bracelet into connecting to a rogue network. This allowed him to capture the warning message that the device sends to the police if it is tampered with. He could then remove the SIM card and use it to send a message to another phone, revealing the card's phone number. With this information, Turner could use an SMS spoofing service to send fake GPS data messages to law enforcement, making them believe the person was still at home. While this hack requires technical knowledge, Turner warns that it could be automated and sold to people under house arrest.
What You'll Learn
Using a Faraday cage to block signals
A Faraday cage is a container that blocks signals from going in or out. It is a common and successful way to block GPS signals. To create a Faraday cage, you can use a $2 roll of tin foil or a wire mesh. Wrap the foil around the ankle monitor to induce a Faraday cage, blocking its ability to transmit location data.
It is important to note that a single layer of foil may not be enough to block the GPS signal effectively. Multiple layers of foil may be needed to more thoroughly disrupt the signal. Additionally, this method may not prevent the alert from going off or stop the system from being notified when the device stops responding.
To hack the ankle monitor, you can place it inside the Faraday cage, isolating it from the network. Then, create a fake phone network. When you remove the device from the cage and take out the SIM card, it will still be able to send a tamper detection warning to the fake network. After that, you can put the SIM card in a phone and send a text to find out the associated number. Finally, use an online SMS spoofing service to send fake messages to the authorities, making it seem like the person wearing the ankle monitor is still at home.
Blind Spot Monitor: Is It Part of TSS?
You may want to see also
Spoofing a phone network
First, you need to obtain a sample ankle tracking device. In the case of William Turner (aka Amm0nRa), a security researcher, he obtained a device from GWG International, a Taiwanese manufacturer, by social engineering the company. This step is crucial as it allows you to study the device and identify its vulnerabilities.
Once you have the device, you need to create a Faraday cage, which is a container that blocks signals from going in or out. This will be used to isolate the device from the outside network. You can create a simple Faraday cage using a $2 roll of tin foil.
Place the ankle monitor inside the Faraday cage. This will prevent it from transmitting data to law enforcement authorities and block the real telecom signal. At this point, you can physically open the device and remove the SIM card without triggering any tamper detection warnings.
Next, create a fake phone network inside the Faraday cage. This can be done using a software-defined radio, which can be programmed to send and receive a wide range of radio frequencies using software. By creating this spoofed network, you can trick the device into thinking it is still connected to a legitimate network.
With the fake network in place, power on the device and wait for it to connect to the spoofed network. Once connected, the device will attempt to send a tamper detection warning. This warning will be sent to the spoofed network, tricking the device into thinking it was successfully delivered.
Now, take the SIM card from the ankle monitor and insert it into a phone. Send a text message to another phone to reveal the phone number associated with the SIM card. This is an important step as it gives you the number you will need for the next phase of the hack.
Finally, use an online SMS spoofing service to send fake messages to the law enforcement authorities. These messages will appear to come from the phone number associated with the SIM card, indicating that the person under house arrest is still at the confined place, even though they may be fleeing.
It is important to note that this process requires a technical background and a certain level of expertise in software and hardware manipulation. Additionally, the specific methods and tools used may vary depending on the model and manufacturer of the ankle monitor.
LCD Monitors: Understanding Voltage Requirements
You may want to see also
Finding the SIM card number
The SIM card number, also known as the ICCID, is a unique 20-digit number printed on your SIM card that starts with 89302. There are several ways to find your SIM card number, depending on the type of device you have.
For iPhone users, go to Settings > General > About. Then, scroll down and locate the ICCID (SIM Card) number. If you have an Apple Watch with a cellular connection, press the Digital Crown on your watch to see your apps, tap the Settings icon, tap About, and then scroll down to find the ICCID field.
For Android users, go to Settings > About Phone > Status, and then scroll down and locate the ICCID (SIM Card) number. Alternatively, you can remove the back cover, battery, and SIM card to locate the SIM card number on the card itself. If your Android device does not have a removable back cover, you can use a paper clip or SIM-eject tool to eject the SIM card tray.
If you prefer not to remove your SIM card, you can download a third-party app that displays SIM card information, or simply dial *#06# in the Phone app to view your SIM card details.
Oprah's Ankle Monitor: Fact or Fiction?
You may want to see also
Sending fake messages to the authorities
The following method to hack an ankle monitor was demonstrated by security researcher William Turner, also known as Amm0nRa, at the DEF CON 2015 security conference in Las Vegas. It involves exploiting vulnerabilities in the tracking device and its mobile network to spoof the location of the person wearing the ankle monitor and send fake messages to the authorities.
Firstly, a person under home detention would need to obtain a do-it-yourself Faraday cage, which is a container that blocks signals from going in or out. They would then place the tracking device inside the Faraday cage, isolating it from the network. This prevents the device from transmitting data to law enforcement authorities.
The next step is to create a fake phone network inside the Faraday cage. This can be done by using a software-defined radio, which can be programmed to send and receive a wide range of radio frequencies using software instead of hardware. By creating this fake network, the person can then tear the device apart, take out the SIM card, and still send a tamper detection warning, making the device think it was delivered even though it was sent to the spoofed network.
With the SIM card removed, the person can then insert it into a phone and send a text to another phone to find out the number associated with the card. This is a crucial step as it allows them to know the number that the authorities associate with the ankle monitor.
Finally, using an online SMS spoofing service, the person can send fake messages to the law enforcement authorities. By using the number obtained from the previous step, they can make it appear as though the messages are coming from the ankle monitor, reporting that the person under house arrest is still at the confined place, while they are actually fleeing.
While this method requires technical knowledge and specialized equipment, it highlights potential vulnerabilities in the security of location tracking devices used for home detention.
Blind Spot Monitoring: Sensor Replacement and Installation Costs
You may want to see also
Plugging the monitor into a car
Ankle monitors are location tracking devices that use GPS and other technologies to report the position of people in home detention back to the authorities. These devices are usually strapped to the ankles of individuals who are under house arrest, on parole, or on probation. They are equipped with a series of anti-tampering systems that notify the police as soon as someone tries to mess with them.
However, in some cases, offenders have found ways to hack and defeat the monitoring system by plugging the ankle monitor into their car. This way, the device does not sound an alarm as the offender is with the ankle bracelet and is moving.
Step 1: Obtain a Car Charger
The first step is to obtain a car charger that is compatible with the ankle monitor. Offenders would need to find a charger that fits the port on the ankle monitor and provides the correct voltage and current output. They may need to test different chargers to find one that works.
Step 2: Plug the Ankle Monitor into the Car Charger
Once the compatible car charger is obtained, the offender can plug the ankle monitor into the car charger. This will provide power to the ankle monitor and keep it charged, ensuring that it remains functional while being used away from home.
Step 3: Drive Around with the Ankle Monitor Plugged into the Car
With the ankle monitor plugged into the car, the offender is now free to drive around without triggering an alarm. The device will not detect that the offender has left the designated area as it is constantly powered and remains within a monitorable distance.
Step 4: Keep the Ankle Monitor Charged
It is important to ensure that the ankle monitor remains charged during this process. A fully charged battery can help avoid any unexpected shutdowns or errors that may trigger alerts to the authorities.
Step 5: Remove the Ankle Monitor from the Car Charger When Done
After the offender has finished their trip and returns to the permitted area, they should unplug the ankle monitor from the car charger. This is important to avoid detection as the device may send alerts if it remains plugged in outside of the permitted area for an extended period.
By following these steps, offenders can exploit a loophole in the ankle monitoring system and gain some freedom of movement. However, it is important to note that tampering with an ankle monitor is a serious offense and can result in legal consequences. Additionally, authorities are continuously working to improve the security of these devices and address known vulnerabilities.
Monitoring GPU Usage: Linux Command-Line Essentials
You may want to see also
Frequently asked questions
Ankle monitors use GPS and radio frequencies to determine the location of the wearer and a cell network to send this information to a central monitoring system.
Security researcher William Turner, also known as Amm0nRa, found that one particular ankle monitor model had a series of flaws that made it vulnerable to tampering. Turner demonstrated that it was possible to spoof the location of the device by placing it in a Faraday cage to block its signal, creating a fake phone network, and using an online SMS spoofing service to send fake GPS data messages to law enforcement.
The ability to hack an ankle monitor raises serious security concerns and could potentially allow individuals under house arrest or electronic monitoring to evade law enforcement and escape without being detected.
To prevent ankle monitors from being hacked, manufacturers should be encouraged to address the vulnerabilities identified by researchers like William Turner. This may involve implementing additional security measures, such as improved encryption or two-factor authentication, to make it more difficult for unauthorized individuals to tamper with the devices.
