Holes in 4G and 5G Networks Could Let Hackers Track Your Location
Even if carriers shape up, though, an attacker can still track a smartphone's location and snoop on phone calls thanks to newly discovered flaws in 4G and even 5G protocols.
A group of researchers from Purdue University and the University of Iowa will present their findings Tuesday at the Network and Distributed System Security Symposium in San Diego. They note that their discoveries, first reported by TechCrunch, are particularly concerning since the 5G standard was specifically developed to better protect against these types of attacks.
The researchers, who also uncovered other vulnerabilities in the 4G network last year, describe a series of new protocol weaknesses that could be used in a variety of attacks. An exploit the researchers call Torpedo underlies the others; it preys on flaws in the "paging protocol" used to notify devices about incoming communications.
An idle device checks in with the nearest cellular base station for these pages at set increments, so it isn't killing battery life by checking constantly. If an attacker wants to determine if a target is nearby, they can initiate a quick series of phone calls to a victim's deice to "sniff," or evaluate, the paging protocol communications.
Both 4G and 5G have built-in protections against this type of surveillance, but researchers found that these obfuscation efforts fall short.
An attacker can spot patterns in the paging messages that reveal which base station the device is closest to, and confirm that the victim is in the area.Fundamental protocol flaws, like those in the historic SS7 backbone standard, have remained unresolved for decades and led to increasing risk to end users.Original article
We use cookies and analyse traffic to this site. By continuing to use this site, closing this banner, or clicking "I Agree", you agree to the use of cookies. Read our privacy poplicy for more information.