Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Teen Arrested for Cyberattack on 911 Emergency System

An 18-year-old teen from Arizona was arrested this week after one of his iOS exploits caused serious disruption to 911 emergency systems.

An 18-year-old teen from Arizona was arrested this week after one of his iOS exploits caused serious disruption to 911 emergency systems.

According to the Maricopa County Sheriff’s Office, Meetkumar Hiteshbhai Desai was booked on three counts of Computer Tampering, which in this case is a Class 2 felony, considered an extremely serious crime in Arizona and other states, due to the fact that it involved critical infrastructure.

The Maricopa County Sheriff’s Office Cyber Crimes Unit launched an investigation after being notified of disruption to the 911 service in the Phoenix metro area and possibly in other states.

Desai apparently learned of an iOS bug that can be exploited to manipulate devices, including trigger pop-ups, open email, and abuse phone features. The teen created several exploits and published one of them on a website, linking to it from his Twitter account in an effort to prank his followers.

While Desai claimed he wanted to publish a link to an exploit that only displayed pop-ups and caused devices to reboot, he mistakenly tweeted a link to an exploit that caused iPhones and iPads to continually dial 911 and hang up.

According to police, the link pointing to the exploit was shared with more than 12,000 followers and clicked over 1,800 times. The Maricopa County Sheriff’s Office ultimately managed to shut down the website hosting the exploit.

Advertisement. Scroll to continue reading.

The police department in Surprise, Arizona, received more than 100 hang-up calls to its 911 service within minutes, which could have caused their switches to lose service. Agencies in California and Texas, the Peoria Police Department, and the Maricopa County Sheriff’s Office also received calls triggered by Desai’s exploit.

Desai claimed he was trying to find iOS vulnerabilities that he could report to Apple for monetary rewards and recognition. He said he did not mean to publish the exploit designed to call 911 as he knew it was illegal.

Researchers revealed last month that 911 emergency services in a U.S. state can be disrupted by a botnet powered by only 6,000 smartphones.

Security professionals sometimes get into a quarrel with the companies whose products and services they are analyzing. However, there are cases where experts have been charged and even convicted over their research.

One of the most well-known cases involves Andrew Auernheimer, who in 2013 was sentenced to 41 months in prison after he hacked into AT&T servers. A more recent case involves David Levin, owner of Vanguard Cybersecurity, who was arrested and later sentenced to 20 days in jail after exploiting a vulnerability he found on a Florida elections website.

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.