Researchers reveal flaw in 4G and 5G network that allows hackers to intercept calls, track location

By Digit NewsDesk | Published on Feb 26 2019
Researchers reveal flaw in 4G and 5G network that allows hackers to intercept calls, track location
HIGHLIGHTS

A team of researchers from Purdue University and University of Iowa have revealed three attacks which allow hackers to intercept phone calls and track a phone's location in real time on 4G and 5G networks

Apple iPhone XR 64GB at Lowest Price Ever

6.1" display | 50% Faster Graphics performance | TrueDepth camera

Click here to know more

Highlights

  • Vulnerability allows attackers to track phone's location
  • Additional attacks could let hackers intercept phone calls and messages
  • Vulnerability impacts both 4G and 5G networks

A group of academic researchers from Purdue University and the University of Iowa have revealed vulnerabilities in 4G and 5G infrastructure that allow those with malicious intent to track the location of any mobile phone. More worrisome is their claim that the vulnerabilities they have discovered could also allow hackers to intercept phone calls.

This is supposedly the first time a vulnerability has been discovered that impacts both 4G and the upcoming 5G standard. Besides higher data speeds and lower latencies, 5G also promised improved security, which this new flaw seems to be able to circumvent. The researchers are to present their paper on the topic at the Network and Distributed System Security Symposium in San Diego. TechCrunch has had early access to the paper, and have had a look at how the three attacks work to achieve their goal.

The first attack is called Torpedo and exploits the paging protocol which carriers use to notify the phone about an incoming text or call before it is received. The attack involves calling the target phone a number of times in short duration, which triggers a paging message without alerting the target device to an incoming call. This, an attacker can use to track a victim’s location. 

Torpedo further allows two more attacks; Piercer and IMSI-Cracking attack. The former refers to the attack's ability to identify the International Mobile Subscriber Identity of a cellphone. IMSI is supposed to be encrypted. The IMSI Attack can further use brute force against the IMSI number, which allows the attacker to track a phone’s location and intercept calls and messages.

The researchers say that the flaws were reported to GSMA, the body that represents mobile operators, but received no comment. According to the researchers, the Torpedo attack would be the first priority to address, since that is the gateway for the other two attacks. After that, the GSMA would need to address the IMSI attack while the operators would be responsible for fixing the vulnerability that allows the execution of the Piercer attack.

Related Read: Qualcomm Snapdragon X55 5G modem launched with 4G/5G support, Samsung to debut it in 2020

Videos

Qualcomm Snapdragon X55 5G Modem | First Look | Digit.in
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.