4G/5G vulnerabilities lets hacker to intercept calls and track user location

A team of scholars recently announced the successful discovery of three new security vulnerabilities in the 4G/5G network that can be used to intercept calls and track the location of mobile users. The results of the survey show that this is the first vulnerability that affects both the existing 4G network and the upcoming 5G standard. The 5G network claims to provide faster speeds and higher security protection and provides better protection against eavesdropping on mobile phones, but researchers say that new types of attacks can bypass these measures.

Syed Rafiul Hussain, a co-author of the paper, revealed to TechCrunch,

“Any person with a little knowledge of cellular paging protocols can carry out this attack.”

According to the paper, these three vulnerabilities are Torpedo, Piercer and IMSI-Cracking attacks. The most serious of these is Torpedo, which exploits the weakness of the paging protocol (the carrier is used to notify the phone before an incoming call or text message). Calling and canceling a mobile call in a short period of time can trigger when the target device is notified of the incoming call. The paging protocol allows the attacker to track the victim’s location. Researchers say knowing the victim’s paging opportunity can also allow an attacker to hijack a paging channel and insert or reject a paging message by spoofing a message (such as an Amber alert) or by completely blocking the message.

Based on the Torped vulnerability, the attacker can also advance two other vulnerabilities. Researchers say Piercer allows attackers to determine International Mobile Subscriber Identity (IMSI) on 4G networks, while another vulnerability is called IMSI-Cracking attack, which can violently attack IMSI numbers on 4G and 5G networks.

Via: TechCrunch