You don't need to be the National Security Agency to spy on Americans' cellphone calls and messages. You only need to hack into a cellphone signal-boosting device that Verizon sells for $250 — and you can intercept all communications coming from a nearby phone.

Two security researchers, or white-hat hackers, have discovered that the devices — called femtocells, or network extenders — can be easily hacked and turned into spying stations. These are small low-power cellphone stations that can be bought to improve the signal in a house.

"We can operate a cellphone tower, and see everything that your phone would send to a cellphone tower: phone calls, text messages, picture messages, mobile web surfing," Tom Ritter, a senior consultant with the security firm iSEC Partners, told CNN Money. "We can see and record it all."

The finding was reported by various media outlets on Monday, and researchers will provide further detail at the Las Vegas hacking and security conferences Def Con and Black Hat, which take place back-to-back at the end of July.

Ritter and his colleague Doug DePerry hacked the software running on the device, intercepting all calls made or received within 40 feet of the device and transmitting the data to a connected computer. In the demonstration for CNN Money, Ritter intercepted a phone call, a text message and even an MMS message.

The issue was reported by the researchers to Verizon in early 2013 and the company claims that they fixed the issue in March, according to spokesman David Samberg. He added that no customers were affected by the exploit.

"The device they used for their demo was one that was originally hacked and did not accept the fix. All devices that have not accepted the software update have been removed from the network and no longer work," Samberg wrote in an email to Mashable.

It's easy to imagine how a hacked femtocell could be abused by someone with malicious intentions. The devices are so small — the size of a router — that they can be carried around in a pocketbook, intercepting all communications in a 40-feet radius. Ritter and DePerry believe this reach can be extended even further using more powerful antennas.

This is not the first time that femtocells have been exploited by hackers and turned into surveillance devices. In 2011, the group The Hacker's Choice showed that Vodafone femtocells marketed in the UK could be used to tap into nearby cellphones.

Image via Justin Sullivan/Getty Images