Newly discovered LTE flaw Let Hackers Steal Your Identity

The LTE/4 G mobile communications Standards have identified serious vulnerabilities that could help hackers distribute other phone users, subscribe to a streaming service at your cost or publish secret company documents under a person's identity.

Because of an absence that's integrated with all devices that use LTE, hackers can execute user bills, upload illegally identified documents or even intercept unencrypted internet traffic. The good news is, given the complexity of the hack, that it is highly unlikely that an average user will suffer such a crime. This Attack is also known has IMP4GT attacks

The IMP4GT attacks take advantage of missing user data integrity protection and a mobile operating system reflection mechanism of the IP stack. We can use the reflection mechanism to construct an oracle for encryption and decryption. This enables arbitrary packages to be injected and packets decoded, in addition to the lack of integrity protection, "the researchers explained.

For instance, an attacker may book streams to a service, but the owner of the assaulted phone will pay, "said Professor Thorsten Holz of the Horst Gortz IT Security Institute

The threat would be mitigated only by changing the hardware design. In the new mobile communication standard 5 G, which is currently implemented, the team is trying to close the security gap. Higher costs should be accepted by mobile network operators because additional protection generates more data during transmission.

 In addition, it would have to replace all mobile phones and expand the base station. This is not going to occur in the near future, "David Rupprecht said.

Although the analysis of the 5 G specification has allowed possible vulnerabilities to be detected and patched prior to widespread use of 5 G networks, latest research indicates that mobile network security needs more attention.
Previous Post Next Post