Yesterday, when Bryan Seely showed me his various Google Maps exploits, he showed me more than just dick jokes and fake businesses. Using these tricks, Seely was also able to set up a system that could surreptitiously record phone calls to the FBI and Secret Service. And he actually did it.
The premise is simple; instead of creating fake businesses with stupid names, he created fake locations for an FBI office in San Francisco and a Secret Service office in Washington DC, each effectively taking the place of its real life counterpart. These new locations were identical to their real-life counterparts — with one important change. A new phone number.
I saw this in action. Seely sent me a link to a Google Maps Search query for "federal bureau of investigation near San Francisco, CA." There, I saw two otherwise identical listings, and when I called the one Seely pointed out to me as fake, he was the one who picked up the phone.
At the time of this writing, there are still two FBI offices listed in San Francisco, identical but for two different phone numbers.
Seely told me that the exploit was not actually in action, and that when it was, the Google Maps entry with the wrong phone number would be the one most prominently displayed. From there, Seely explained, it would be trivial to reroute the phone number to the incoming line for the actual FBI office, and either to listen to or even record the calls as they came in. I saw no explicit evidence that Seely had done or could do this part, but Valleywag did.
The effect would basically be a very limited tapped phone. Any scammer with the ability to set this up would be able to intercept calls — but only from people calling in through office's main line, and only people who'd looked up the number to call on Google Maps.
But also the danger of new scams like this is pretty much over. Sources at Google have confirmed that many of the exploits Seely used in the first place have been patched up, so the risk of any new DIY tapping setups by the same method seems slim to none.
However, Seely snuck these last alternate locations — like the FBI office and the Internet Cock Advisory — just before the security holes he was using were closed. And, while Seely has demonstrated that he can still modify that locations he's already made, he can't create new ones with the same tricks. Still, he's been able to prove that this was possible, it's almost impossible to know if any setups like this currently exist, have existed in the past, or have been put to any use. But the danger of new ones through known exploits seems to be over.
Even though the scope of such taps would have been pretty limited and new ones are now impossible, the fact that someone could have effectively tapped a subset of calls to any number government agencies or any other business — through Google Maps, of all places — is pretty scary nonetheless.
Seely has notified the agencies involved and we've reached out to them, as well as to Google, for comment.
Considering that the locations on Google Maps are submitted and verified by users, instead of pulled from official sources, trusting it absolutely for super-secret calls has always been a bad idea. So if you find yourself having to call the FBI to rat out your local mob boss, maybe dig up that number from the official website and then set up a meeting in person. Google Maps is a good reference material, but it never hurts to double check.