New NSA Leaks Reveal Step by Step Guide for Hacking Pakistani Telcos

We knew that NSA had (has) monitoring access to all Pakistani telecom operators, Pakistani Internet Service Providers and other government departments, but a new leak provides undeniable evidence that it was indeed happening.

Credited to ShadowBrokers — a hacker group that previously published tools, hacks and other exploits that NSA had used to infiltrate networks and governments across the world — leaked a new dump few hours ago that has information about more ways through which NSA was accessing mobile companies, private and public networks in various countries.

ShadowBrokers initially had put up this data online for auction, but since no one bought it, the group shared the password of the entire dump in protest.

Leaked dump, which is encrypted, is terabytes in size and security researchers have started to decrypt it already.

Initial decrypted files reveal step by step guide of how NSA used to gain access to Mobilink’s network. It explains the entire method on how NSA accessed servers, data and other information related to mobile phone users of Pakistan.

Method shows that NSA had access — around 2006 — to CDR (call detail record) of any Mobilink user and also that how many SIMs had been used on a single handset (to identify if the user had more than one SIMs).

NSA’s operators could get alerts in case a new call was made. They also had mechanism to clear any access records or logs to wipe out any traces.

This hacking method, which we believe is now patched, was made possible only after NSA hacked/exploited Solaris (Oracle’s proprietary) operating system, which was otherwise considered very solid and hack-proof.

As security researchers are in process of decrypting more leaked data, it is likely that step-by-step guides of hacking other Pakistani telcos and ISPs will also be revealed.

If you are wondering if NSA will be held accountable for all the illegal stealing of data (read crimes) or if Pakistani government will protest against such naked hacks, then its not happening.

Exactly like the elites in Pakistan, they are free to do whatever they want to. No repercussions, completel immunity from and zero accountability.

Way Forward?

I have often heard from friends in government about procuring ultra-expensive systems and hardware to ensure privacy, then — if I may speak frankly — there’s nothing private on the internet.

No matter how secure you get, the devices that are built (in West) are going to reveal your data to outsiders one day.

The only way forward, if possible, is to manufacture your hardware and write your code yourself to protect it. Even then you will just minimize the chances of it being getting hacked, but it won’t be as easy as it seems from above incidents.

It is an open secret now that certain loopholes are left on purpose, for activities like above. It is just like you are building a house and keep a back-door for emergency entries/exits, just in case. These back-doors, are then exploited and used by agencies like NSA.

Until you don’t start making hardware and software yourself, don’t get bothered much about these hacks and steals.

Tech reporter with over 10 years of experience, founder of ProPakistani.PK

  • Well there is nothing to worry about if you aren’t doing anything wrong. Their heads might be getting cooked when they hear 3 hour long calls between Ami and Khala :D

    • KoOlati

      if you are not doing anything wrong then what about your privacy??? the whole world fighting for their privacy while pakistani’s thinks like you wow

      • Umair QaZi

        if I may speak frankly — there’s nothing private on the internet.

        • Umz

          Guys like you are the ones who like to surrender their rights, instead of standing up for them.
          If there is nothing private on the internet, then try accessing and NSA server and when they appear on your doorstep, give em the same argument.

          • HashCat

            bro, umair is right, there is nothing private on the internet cuz if you trust a company with your data there HAS to be a trust chain linking all the technologies involved in the application being used. As far as standing up for your rights goes tou us ke liae bht deep comprehension chahiye hoti hai mukhtalif cheezon ki. sirf comments post krne se kuch nai hota, we have to build our everything, our selves. there is no way around it.

            • HashCat

              that basically means making your own internet (briefly speaking) and that is not that hard.

          • Wolverine

            So you don’t like to surrender? Then go and attack NSA building.Her cheez mein Protest kam nahi ata. Kuch kerna hai to apne mulk mein technology banao werna chup raho.

            • Umz

              Yes I don’t surrender. I am already making A class technology in Pakistan to get rid of western dependence.
              And NO I won’t stay quiet because spreading awareness and raising voice for my countrymen and myself is a must.

              • Wolverine

                If that’s the case then its the best way to protest. To be independent.

      • Wolverine

        He is absolutely right. Yes we should be worried about our National Security but I don’t know why individuals like us get worried about these type of news? I mean why you get worried if someone sitting miles away hears your call in which your mom telling you to bring “Dahi” & “Podina” ASAP. :D

    • Amjed Haris

      If you have nothing to hide because you don’t do anything wrong, then I assume there are no doors or covers in the bathrooms of your house.

      • Waqas

        This was the worst comparison.

        • Umz

          The right comparison ever. Unlike you, people want to keep the privacy of their conversations, messages and emails the same way they spend private time in any part of their home.

    • Javed Iqbal

      Haha so you think they watch you so that you don’t do any wrong. Come on boy they are no angle. They are the bad gays.

      • Javed Iqbal

        I think you should watch the movie “EAGLE EYE” to get the whole picture.

    • Adil Rafique

      Edward Snowden:’Arguing that you don’t care about the right to privacy because you
      have nothing to hide is no different than saying you don’t care about
      free speech because you have nothing to say’
      @haris_amjed:disqus bhai surveillance ghalti ki lie nahi ki jati, aj k doar mein surveillance dominance k lie ki jati hai. Ye cyber infrastructure utilities k lie nahi raha ab ye war aik asliyat hai.Aur apka dushman jisko apke bary mein sab kuch pta hai, wo hamesha apse aik hand uper hai.

      • Bhai bat kuch is tarah hy ke hamaray secret Idaron me Internet strictly Ban hy. Even top ranking officials Mobiles andar nahi le kr ja skte. Reason? They know that there is no concept of privacy or secrecy on Internet. Now either you stop using Internet and Mobile or keep your eyes close like pigeons and I think later one is our only option.

    • Umz

      If you are doing nothing wrong then why don’t you share with us the details of your bank account, the number and names of people in your home, the list of your friends, the details of every conversation and message you send to your brothers, sisters, parents, wife and relatives, the details of your job, car model, emails etc.
      Since you are ok with sharing all of it with NSA, you might as well share it with your countrymen first.

      • If countrymen have GUTS then go Hack it. They do it because they can and we can’t do anything about it. “Jis ki lathi us ki bhains” is a universal law.

    • Naveed ur Rehman

      You Nailed it Man… :D

      • ZAB

        How do u know he nailed it?

    • Yasir Mahmood

      Sadqay Twaadi Logic Tay..

      I wonder if you are familiar with a word “Privacy”

    • HashCat

      The ONLY way to get thru this NSA spying on you is to make your own EVERYTHING. Believe me its not impossible, maybe just impractical, judging by how our education system works right now, but is totally doable. we just need patience and the right direction to walk on.


  • Ali Ahmad

    I hope we can see some decent Pakistani hardwares in our Lives

    • Emmad Mir

      q mobile ?

  • Karachitte

    I hope the elites realize the danger this poses. Even now there are vital organisations buying ultra expensive solutions to run critical infrastructure.
    For example 1Link is supposed to be upgrading its systems soon and if they chose a western solution, they’ll simply be handing over key to mass financial surveillance of foreign entities without any hindrance, and that’s dangerous for our economy.

    • If 1Link chooses a Chinese solution, are we any safer?

      • Karachitte

        There is no Chinese solution. Currently 1Link uses domestic solutions but from what i heard, the new bid now has two finalists, one European and one US.

        • Timmy

          Euronet has been finalized

      • Kashif Surhio

        I think you don’t know that Chinese IT is now a days going on TOP, China has launched his own space station and the stupids like you who use Chinese made android phone of PKR 3000 very proudly are still pointing finger on Chinese solutions.
        Its China who helped to develop Submarine, JF17, JF12 and you stupid people always bark like Altaf

        • All I’m asking is that if Western solutions are riddled with security holes, are Chinese solutions less likely to have the same problem? It would be naive to imagine that they’re not.

          I have no idea where this “you stupid people” came from. Maybe you’re feeling defensive about something?

          • Kashif Surhio

            hopefully you know some computer programming, so if you create local system does it means it will be error free???
            If you don’t have any IT knowledge then don’t discuss about local/non-local systems and solutions

            • Xim

              Why don’t you check out what Faried does for a living and how long has he been doing it.

              • Kashif Surhio

                chamcha spotted :P

                • xim

                  Hey Kashif, guess what…I have never met Faried in my life nor he knows me but a google search throws this up and it should help

          • dan dan

            Faried Nawaz , Bhai ye har bande pe isi tarha offend ho raha hai. Nothing personal :)

            • Kashif Surhio

              here comes Phd in IT security

  • Pakpehlay

    This whole idea of “I have nothing to hide” is the most backwards, idiot and foolish mindset to have ever surfaced in the 21st Century.

    Why does anyone even have the guts to snoop on you let alone anyone?

    0 Tolerance for snooping.
    End of story

    [Comment Edited]

  • what they will do after hearing conversations like Janu kya kar rahi Ho, Jan app ney aj muje Good Morning nae bola

  • BTW now Hardware Manufacturers will get Requests to build custom devices and generate revenues

  • dan dan

    Wow.. Nude photos of the daughters of Pakistan in the hands of Western powers, while their dads have no clue. What else can you ask for?

    • Hut

      Daughters (and sons or anyone else for that matter) shouldn’t be saving nude photos anywhere if they want to keep control of their nudity.

      • dan dan

        Agree. Not only save, why take nude photos?

        • Kashif Surhio

          claps for your thought, it seems that you have seen the nude photos of your sisters.
          beta sabki behnain tumhari behno ki tarha niangi nahi hoti

          • dan dan

            I don’t have a sister. I don’t have a gf. I have no interest in such things. And I know overwhelming majoirty doesn’t do it. Me general trend ki baat kar raha hun. Ye haqeeqat me hota hai kuch uni or colleges me. You can ignore these facts if you like. Or har baat me personal honi i zaroorat nahi. Aapka bharakna or personal hona aapki soch or oqat bayan karta hai.
            Agar me ye karta to me khud kuon ye baaten likhta. Offend aap ho rahe ho, aap ka masla hai

            • Kashif Surhio

              hoti to wo kia karti or tum kia karty?

              and uncle g, general trend means now a day majority (urdu me kahain to aam tour per), kam az kam barlitz ya isi tarha k kisi institute se english seekh lo

              • dan dan

                Aap fikar na karen. Pesonal attacks tumhari soch bata rahi hai. Tum jese log hi ye gandi harkaten karte hoge. Itni tameez bhi nahi hai. Khair, meri english ki fikar nahi karo. Tum se boht behter hai

                • Kashif Surhio

                  apny mon miyan mithu
                  lagay raho apni choti si dunya me, kunwain ka mendak ban k

  • Omar Nasir

    “Until you don’t start making hardware and software yourself, don’t get bothered much about these hacks and steals”
    Is it based on any legit research, or is it just the author trying to pander to the audience?

    • He wants to say make your own operating system, hardware and browser in order to stay safe!

      • Omar Nasir

        As long as you are connected to the internet and use foreign-built SaaS, your data will never be safe. Case in point: how China uses WeChat.

  • LantiMunda

    Now NSA is in real trouble under cyber crime law… But ohhh its Pakistan where only punishment is for poor and weaker….!!

  • Steve Johnson

    All things aside. there was at least one grammatical mistake (that resulted probably from an auto correct or spelling correction)

    “propriety” should be “proprietary”. See the real difference between these two works here:

  • Malik Yasir

    Another sansani kheez inkishaf. This has been a well known fact since 2012. And why are you taking names propakistani ? Did mobilinks PR dept did not give into your wishes?:p

  • AbdulB1

    Pakistan khappay

  • Jamespond007

    lol, they even have access to mobile phone networks of their own allies, the west germany, uk and more. americans are paranoid, and always want to be on top of the world by their propaganda and world policing bullshit. they want to control the world. The only way you can be on top of the world, is access to unlimited information.

    • AbdulB1

      actually that is called a difference between a slave and master.

  • aamir7

    Ya tu apko meri smjh nae ayi, ya mujhay apki smjh nae aa rahi

  • Javed Iqbal

    You all are missing the main point here, what can they do with our private data? There are unlimited possible answers. Some are very obvious. Such as they can black male any of us to do some terrorist activities on their behalf. They​ can make original id cards by hacking NADARA. They can even blackmale prime minister of Pakistan.

    • Basit147

      ‘Black Male’

      • Emmad Mir

        feMale nai? ?

  • ahmadnowaz

    Shouldn’t care as long as we are not into any hate or conspiracies. All we are just a “set of various memories and knowledge” and we have to feed it to next generations seamlessly.

    Global Citizenship

  • Basit147

    in book

    No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State Glenn Greenwald
    it states

    All Hardware Laptops Routers Networking Equipment is stopped in US custom department & is loaded with NSA’s homemade firmwares & bios to monitor without knowledge of manufacturer

  • Malik Kamran

    Actually guyz internet is the biggest exploit,Russia therefore,making their own equipments to retain their Moscow Privacy,time is tiking,nobody is secure.Your cell phone is breaching your privacy,not joking.Be prepared for something big happen…

  • Abdullah

    I am surprised. They can simply ask their puppet rulers to hand this data over.

    Anyhow a good recommendation. we should build our own hardware and software. Now what is the likelihood of thats happening in a corrupt democratic system we have

  • Why do the system containing call logs and stuff have even need to be connected to internet?

  • Malik Adnan Aziz Awan

    Strange… i dunt know that wt the hell software developers were doing that was hired by mobilink

  • Faheem Ahmed

    why didint the nsa deleted those data himself??? before they knew..

  • Faheem Ahmed

    nothing to worry about if you aren’t doing anything wrong

  • ?..

  • Ahsan Shah

    Chinese are quite smart that indicates!