Recent Bugs in 4G/5G allow Hackers to Intercept Calls & Track Phone Locations
- Salman Ahmed
- February 25th, 2019
A group of students indicates three major security bugs in 4G and 5G. They found that these security bugs provide hackers to track phone locations and to intercept calls too.
For the very first time, the recent security bugs affect both 4G and the upcoming 5G service.
Which claims to provide efficient performance, faster speed, and better privacy than 4G service. Especially against law enforcement use of cell site simulators, known as “Stingrays.”
However, the professionals say that their new techniques can easily defeat upcoming 5G securities that are considered to add an extra layer of protection to snoop on mobile devices.
According to Syed Rafiul Hussain, who is a part of the research, told TechCrunch in an email:
“Any person with a little knowledge of cellular paging protocols can carry out this attack.”
Hussain, along with Ninghui Li and Elisa Bertino at Purdue University, and Mitziu Echeverria and Omar Chowdhury at the University of Iowa are set to reveal their findings at the Network and Distributed System Security Symposium in San Diego on Tuesday.
According to the research paper and TechCrunch analysis regarding attacks details:
the first is Torpedo, which exploits a weakness in the paging protocol that carriers use to notify a phone before a call or text message comes through.
The researchers found that several phone calls placed and canceled in a short period can trigger a paging message without alerting the target device to an incoming call. Which an attacker can use to track a victim’s location.
Knowing the victim’s paging occasion also lets an attacker hijack the paging channel and inject or deny paging messages.
By spoofing messages like as Amber alerts or blocking messages altogether, the researchers say.
Torpedo opens the door to two other attacks: Piercer. Which the researchers say allows an attacker to determine an international mobile subscriber identity (IMSI) on the 4G network.
Moreover, the aptly named IMSI-Cracking attack. Which can brute force an IMSI number in both 4G and 5G networks, where numbers are encrypt by IMSI.
That puts even the newest 5G-capable devices at risk from stingrays, said Hussain, which law enforcement use to identify someone’s real-time location and log all the phones within its range.
According to Hussain, all four major U.S. operators — AT&T, Verizon (which owns TechCrunch), Sprint and T-Mobile — are affected by Torpedo.
One U.S. network, which he would not name, was also vulnerable to the Piercer attack.
TechCrunch contacted big four cellular companies, but none of them provided any verdict at that time.
Moreover, one of the researchers Hussain told TechCrunch:
Given two of the attacks exploit flaws in the 4G and 5G standards, almost all the cell networks outside the U.S. are vulnerable to these attacks. Several networks in Europe and Asia are also vulnerable.