InShortViral: The 4G mobile network security vulnerability could lead to a disclosure of user privacy, and telephone service exception. Among this inferior 4G, LTE protocol discovered security vulnerabilities
European Black Hat Researchers to showcase the discoveries, the 4G mobile network security vulnerability could lead to a disclosure of user privacy and telephone service exception. Among this inferior 4G, LTE protocol discovered security vulnerabilities that could allow an attacker to determine the physical location of the target mobile users and prevent users from using their mobile device to make or receive voice calls.
Researchers from Black Hat Europe has announced that they were 4G LTE protocol and device defects found, these vulnerabilities would enable them to obtain the user’s physical location data and ways to simulate denial of service attacks. These come from Berlin University of Technology, the University of Helsinki and Aalto university Telecom Innovation Lab researchers have pointed out that this will be the first for next-generation mobile networks “substantial” attacks currently published.
Hacking Facebook, WhatsApp And 4G/LTE Signals To Track Current Location
4G LTE is a 3G and 2G technology beyond previously mobile baseband version in terms of safety, but also previously widely believed, like several before it is not as susceptible to the type of network privacy issues.
But the researchers noted that their findings clearly inconsistent with this view.
“We found that the two types of security vulnerabilities, one of which exists in the protocol standards body, the other is due to the various suppliers in the specific implementation technology specification left in the 4G/LTE chip of these products has been baseband manufacturers of repair, Original Electronic Manufacturers partners (OEM) but not yet act on this one,” Researchers from Aalto University and postdoctoral fellow Ravishankar Borgaonkar said.
Researchers from Aalto University and postdoctoral fellow Ravishankar Borgaonkar said.
But to make adjustments to network access protocols such data leakage problem to fix, it may probably take some time because it requires the entire technical staff of the protocol stack to be updated.
The exposed flaws 4G LET access network protocol to communicate with the base station is not mandatory for verification, which means the attacker’s device enables direct docking with the base station. The researchers were able to position within the target device 50 m radius of the attack – but they also stressed that, in fact, this may well be extended to a radius of 2 km range – thus forcing the LTE mobile device disclosing their current physical location, and finally allowing users whereabouts known to others.
“We sent a legitimate message but tampering, and to obtain the ability to display information about the precise location of the device,”
Borgaonkar represented. All current LTE equipment will be subject to these attacks impact of data leakage.
In an attack tests, the research team tracked the use of Facebook Messenger and WhatsApp to a certain user. In the case of using Messenger, they are known by their “other” folder sends an instant message to the target user, which means that when the user does not establish a “buddy” relationship with the attacker still could not escape the threat.
Researchers attack tool scans 4G frequencies to check whether the message has been received by the target user is; if you have been received, then the user is actually already being controlled by hackers.
In another attack, researchers are forcing to the user’s mobile phone access to their preset rogue base stations and enable the case of GPS to grasp its current location through triangulation victims.
Also Read: How to Hack Wifi On Android
Let’s look at a Denial of Service Testing: researchers were able to block the LTE and forcing the user to communicate via 2G or 3G networks. “This denial of service means to be able to use mobile phones to send protocol network protocol, resulting in switching from a network mode to the other network model,” he explains. After this, the attacker will be able to block the victims receive voice calls.
So far, each of the baseband vendors has their own equipment for repair, but most smartphone manufacturers have not taken targeted response measures.
The researchers wrote.
“It’s imperative that the engineering technology from the perspective of safety equipment to be an exact tradeoff with other requirements including availability, performance, and functionality. Such trade-offs work will become a prerequisite for any large-scale system can be successfully implemented, but which specific by no means static or equilibrium point for direct copying. We recommend that the relevant organizations in the development of future standardization work which take full account of these factors,”