Authorities said they arrested an 18-year-old iPhone app developer on charges of felony computer tampering after he unleashed code that threatened to take down emergency 911 systems in a large swath of Arizona and possibly other states.
Meetkumar Hiteshbhai Desai stands accused of publishing Web links that caused iPhones to repeatedly dial 911, according to a release published Thursday by Arizona’s Maricopa County Sheriff’s Office. On Tuesday night, officials alleged, the 911 system operated by the Surprise, Arizona, police department received more than 100 hang-up calls in a matter of minutes. The volume allegedly put authorities “in immediate danger of losing service to their switches.” The emergency systems for the nearby Peoria Police Department and the Maricopa County Sheriff’s Office also received a large number of repeated calls. Agencies in California and Texas were also affected, authorities said.
The release said the 911-dialing code was hosted on a site with the name “Meet Desai.” A link posted on the TheHackSpot YouTube channel and one or more Twitter accounts then encouraged people to click on the link. Authorities said they found evidence it had been clicked 1,849 times. In an e-mail, the operator of the YouTube channel said: “The link does not contain anything harmful, and I am not associated with any type of personal hacking. Just a fun prank that many other big YouTube channels covered as well.”
According to an image Desai posted Thursday to Twitter, various pages on the sitehttp://meetdesai.com—the address was unreachable on Friday, but a cached version of the site is temporarily available here—received more than 151,000 page views. It wasn’t entirely clear the links were the ones alleged to contain the attack code, and Desai didn’t respond to requests for an interview.
Still, if even a portion of those links caused phones to simultaneously dial 911, they had the potential to disrupt vital emergency systems. According to recently released research reported in The Washington Post by journalist Kim Zetter, a proof-of-concept attack devised by researchers in Israel required just 6,000 infected smartphones in a geographical area to tamper with the 911 system for the entire state of North Carolina. The researchers estimated 200,000 infected phones distributed across the US could significantly disrupt 911 services for the entire country.