Connect with us

Hi, what are you looking for?



Teen Arrested for Cyberattack on 911 Emergency System

An 18-year-old teen from Arizona was arrested this week after one of his iOS exploits caused serious disruption to 911 emergency systems.

An 18-year-old teen from Arizona was arrested this week after one of his iOS exploits caused serious disruption to 911 emergency systems.

According to the Maricopa County Sheriff’s Office, Meetkumar Hiteshbhai Desai was booked on three counts of Computer Tampering, which in this case is a Class 2 felony, considered an extremely serious crime in Arizona and other states, due to the fact that it involved critical infrastructure.

The Maricopa County Sheriff’s Office Cyber Crimes Unit launched an investigation after being notified of disruption to the 911 service in the Phoenix metro area and possibly in other states.

Desai apparently learned of an iOS bug that can be exploited to manipulate devices, including trigger pop-ups, open email, and abuse phone features. The teen created several exploits and published one of them on a website, linking to it from his Twitter account in an effort to prank his followers.

While Desai claimed he wanted to publish a link to an exploit that only displayed pop-ups and caused devices to reboot, he mistakenly tweeted a link to an exploit that caused iPhones and iPads to continually dial 911 and hang up.

According to police, the link pointing to the exploit was shared with more than 12,000 followers and clicked over 1,800 times. The Maricopa County Sheriff’s Office ultimately managed to shut down the website hosting the exploit.

The police department in Surprise, Arizona, received more than 100 hang-up calls to its 911 service within minutes, which could have caused their switches to lose service. Agencies in California and Texas, the Peoria Police Department, and the Maricopa County Sheriff’s Office also received calls triggered by Desai’s exploit.

Advertisement. Scroll to continue reading.

Desai claimed he was trying to find iOS vulnerabilities that he could report to Apple for monetary rewards and recognition. He said he did not mean to publish the exploit designed to call 911 as he knew it was illegal.

Researchers revealed last month that 911 emergency services in a U.S. state can be disrupted by a botnet powered by only 6,000 smartphones.

Security professionals sometimes get into a quarrel with the companies whose products and services they are analyzing. However, there are cases where experts have been charged and even convicted over their research.

One of the most well-known cases involves Andrew Auernheimer, who in 2013 was sentenced to 41 months in prison after he hacked into AT&T servers. A more recent case involves David Levin, owner of Vanguard Cybersecurity, who was arrested and later sentenced to 20 days in jail after exploiting a vulnerability he found on a Florida elections website.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...