The Evidence is in your Monthly Cell Phone Bill...

Yesterday I got my monthly cell phone bill and got surprised by the SMS (Short Message Service) charges. It was not a lot, about 5 €, although it is too much for the amount of SMS messages I'm used to send in a month (just a few). Therefore, I decided to review the invoice details. This is why we are tired of recommending you need to collect and review your logs, no matter the device ;)

Surprisingly, I saw 26 consecutive messages going to the same cell number (BTW, not familiar to me) in a period of 15 minutes.

Imagine you find yourself in that situation. Try to answer the following questions:
1) What are the incident response steps you would follow to discern what happened?
2) What do you think is the most probable security threat/vulnerability/exploit that could explain this type of incident?


I'll detail in a later post what my initial analysis and actions were, trying to understand what happened and get the money back ;)

Please, send your answers to radajo@gmail.com and I'll post a summary of your comments together with my post. Sorry, there are no prizes this time, just the glory of getting your name posted in this blog (and the fun of the exercise) ;)