CybserSecurity News

Tag: 5G

  • SNI5GECT: A New Framework Exposes Major Vulnerabilities in 5G Networks

    A team of researchers has unveiled a new framework, SNI5GECT, which exposes vulnerabilities in fifth-generation mobile networks at the very earliest stages of connection establishment. Unlike attacks that rely on counterfeit base stations—complex to implement and easily detected by monitoring systems—SNI5GECT operates as a “third party”: it intercepts unencrypted exchanges between a device and a base station before authentication occurs and is capable of injecting its own messages into the communication stream. This enables targeted attacks on a smartphone or modem without knowledge of its identifiers and without coercing the terminal into connecting to a fraudulent gNB.

    During testing, the researchers deployed SNI5GECT on five different 5G devices, using both open-source base station implementations (srsRAN) and commercial solutions (Effnet). The experiments revealed that the system successfully intercepted more than 80% of uplink and downlink exchanges, with the success rate of forged message injection reaching 70–90%, even at distances of up to 20 meters. In one case, the attack triggered modem crashes on smartphones powered by MediaTek chips; in another, it enabled a novel downgrade technique whereby the terminal blacklisted the base station, permanently losing 5G connectivity and reverting to LTE. This scenario has already been acknowledged by the GSMA industry consortium and assigned the identifier CVD-2024-0096.

    The practical danger lies in the fact that unencrypted communication windows regularly occur: when a signal is lost in an elevator, when switching to airplane mode, or when exiting a tunnel, the device initiates reconnection. It is precisely at such moments that an attacker can intercept and manipulate the exchange. Consequently, the vulnerability spans a wide range of real-world scenarios.

    SNI5GECT also facilitates the modeling of complex attack chains involving sequential injection and analysis of device responses. For instance, an attacker could enforce a forged registration denial, pushing the terminal toward a less secure network, or induce repeated authentication failures that cause the smartphone to blacklist the base station and fall back to 4G. Such conditions pave the way for IMSI catchers, surveillance, and the harvesting of sensitive data.

    The authors emphasize that their tool is the first open framework of its kind to study weaknesses in 5G without the need to operate a fake base station. The project’s source code is openly available on GitHub, while the actual exploits will only be shared with vetted organizations to prevent misuse. The researchers underscore that their publication is made in the community’s interest, aiming to strengthen security rather than facilitate malicious exploitation.

    At the core of SNI5GECT lies the Syncher, which synchronizes with a legitimate cell and extracts essential data from the Master Information Block (MIB). This synchronization must occur in real time with minimal latency, as even a single missed slot results in the loss of critical messages and failure of the attack. The Syncher runs in a dedicated high-priority thread, ensuring precise alignment with time slots, enabling the decoding of both the control channel (PDCCH) and user data (PDSCH and PUSCH).

    Next, the Broadcast Worker analyzes the System Information Block Type 1 (SIB1), which contains fundamental radio interface settings—access parameters, channel configurations, and random access algorithms. Once SIB1 is parsed, the component begins monitoring new devices attempting to connect. The first indicator of such an event is the Random Access Response (RAR), which provides a temporary RA-RNTI identifier. Upon receiving it, the system launches UETracker, a module that tracks the subscriber until a permanent C-RNTI is assigned.

    UETracker is itself divided into three subcomponents. The UE DL Worker decodes downlink traffic by extracting Downlink Control Information from the PDCCH and reconstructing PDSCH messages to determine the protocol state of the connection. At this stage, it becomes possible to craft malicious payloads tailored to the procedure’s exact step. The gNB UL Worker processes the uplink channel, where timing discrepancies pose a challenge: uplink transmissions do not align with downlink ones, and packets are often shifted due to Timing Advance commands. SNI5GECT compensates for this offset, enabling successful decoding of PUSCH and access to critical UE requests before a secure context is established. Finally, the gNB DL Injector forges and inserts counterfeit packets, masquerading them as legitimate base station traffic. Crucially, it does not simply inject a message, but generates its own DCI and scheduling for the PDSCH, ensuring that the smartphone accepts the forged packet as genuine.

    The principal challenge lies in timing precision. Even microsecond-level discrepancies lead to discarded packets due to CRC errors. The researchers overcame this by optimizing delay: first recording IQ samples at a given point, then calibrating delay values until the terminal successfully decoded a counterfeit frame. This optimized value could then be applied to attack other devices within the same 20-meter radius.

    Architecturally, SNI5GECT is built upon the integration of srsRAN with the WDissector library. It employs an SDR USRP B210, which simultaneously handles both interception and injection processes. In experiments, the system successfully attacked not only open gNB implementations but also commercial Effnet solutions, proving the universality of the approach. Furthermore, while the framework is openly available on GitHub, the exploits themselves will only be distributed to trusted research institutions, minimizing the risk of abuse.

  • Ericsson: global 5G subscriptions will pass the one billion milestone by the end of 2022

    Ericsson predicts in the latest edition of the Ericsson (NASDAQ: ERIC) Mobility Report that the global 5G subscriptions will pass the one billion milestones by the end of 2022. In 2027, the number of global mobile network users will exceed 4.4 billion, and 60 percent of global mobile network data traffic is expected to be over 5G networks by 2027.

    At present, the penetration rate of 5G network services is the highest in North America and Northeast Asia, accounting for about 50% of all 5G network service users. Ericsson predicts that by 2027, 90% of 5G-connected services will be used in North America, in Western Europe, the number of users of 5G network services will account for 82%, the proportion of the Gulf Cooperation Council region will reach 80%, and for the number of users of 5G network services in Northeast Asia, the proportion of users can reach 74%.
    Snapdragon 778G 5GIgor Maurell, Head of Ericsson Thailand, says: “Southeast Asia, especially Thailand, is expected to see a robust growth in terms of both 5G subscriptions and consumption. In South East Asia and Oceania, mobile data traffic per smartphone continues to grow strongly and is expected to reach around 45GB per month in 2027 – a CAGR of 30 percent. The Thai market is very dynamic with some of the most ICT-savvy consumers in the world.”

    In Northeast Asia, 5G is already the only type of mobile service that is currently growing. More and more mobile users are rapidly shifting from 4G networks to 5G networks. Last year, about 275 million new users were added, and the number of mobile users is expected to reach 1 billion by the end of 2023. In addition, telecom operators in Northeast Asia continue to increase 5G network coverage by increasing base station sites or deploying 5G networks in low-frequency bands.

    With the rapid growth of 5G network mobile users and the continuous introduction of new 5G connected devices in the market, major telecom operators that provide 5G network services believe that 5G network mobile users have positive growth momentum for mobile service revenue.

    According to the report, the current growth rate of 5G network service users is faster than that of 4G network, and the milestone of 1 billion users will be reached two years ahead of schedule. At present, the 5G network has covered a quarter of the world’s population. The number of 5G network users will increase by nearly 70 million in the first quarter of 2022 alone, and 5G network coverage is expected to correspond to about three-quarters of the world’s population in 2027.

  • MediaTek announced the launch of Dimensity 5G open resource architecture

    MediaTek announced the launch of Dimensity 5G open resource architecture, which provides major brand manufacturers with greater flexibility to customize key 5G mobile devices and achieve functional differentiation to cope with different market segments.
    The solution is based on the Dimensity 1200 mobile platform, MediaTek will provide open resources closer to the bottom layer, providing solutions for cameras, displays, graphics, and AI processing units, sensors and wireless connectivity, and other subsystems.

    MediaTek Dimensity 900

    MediaTek is collaborating with the world’s largest smartphone brands to unlock customized consumer experiences that differentiate flagship 5G smartphones,” said Dr. Yenchi Lee, Deputy General Manager of MediaTek’s Wireless Communications Business Unit. “Whether it’s novel multimedia features, unmatched performance, brilliant imaging or more synergy between smartphones and services, with our architecture device makers can tailor their devices to complement a variety of consumer lifestyles.

    Terminal manufacturers can customize the key features of Dimensity 5G open resource architecture including multimedia experience, hybrid multi-processing, AI processing, camera processing engine, and wireless connection. For example, in hybrid multiprocessing, equipment manufacturers can customize the workload distribution of various processing units in the chip, including CPU, GPU, vision processor, and deep learning accelerator, so as to fully schedule more available resources.

    MediaTek hopes that in this way, with greater openness, equipment manufacturers have greater freedom to display space, participate in cooperation together, and make the Dimensity 1200 mobile platform more compatible with the manufacturer’s unique software and services. This will not only bring better performance and power efficiency but also further improve the user experience.

    According to statistics from IC Insights, MediaTek has performed very well since 2020. In the first quarter of 2020, MediaTek ranked 16th in the global semiconductor supplier rankings. One year later, its sales reached $3.849 billion, an increase of 90% year on year, and it jumped to 10th place.

  • MWC 2021 Barcelona will start on June 28

    The 2021 MWC Barcelona with the theme of “Connected Impact” will start from June 28th to July 1st, and will convene a global mobile industry co-construction event in Barcelona through a combination of exciting live events and online content. This also indicates that the mobile ecosystem will enter a new era of interconnection and collaboration.

    MWC 2021 Barcelona

    Undoubtedly, the global COVID-19 pandemic reflects that mobile communications and Internet technologies are vital to the social and economic development of all parts of the world. It is under this great change that GSMA will once again bring together global leaders in the mobile industry to jointly incubate and discuss ideas and innovations that will have a profound impact on the future, and put them into practice. The next step in the development of mobile communications, that is, 5G technology, will continue to be popularized in more and more countries and regions around the world.

  • Ericsson: Global 5G mobile users will exceed 580 million by the end of 2021

    In the Ericsson Mobility Report report, Ericsson predicts that by the end of 2021, 5G mobile users will exceed 580 million, of which it is estimated that 1 million 5G mobile users will be added every day. By the end of 2026, 5G users will reach 3.5 billion, and 5G population coverage will reach 60%.

    Huawei 5G patent Apple
    “File:5G logo.jpg” by Nicosariego is licensed under CC BY-SA 4.0

    The speed of 5G deployment varies from region to region. Europe has a slow start and continues to lag far behind China, the United States, South Korea, Japan, and the Gulf Cooperation Council (GCC) market in terms of 5G deployment speed.

    According to the report, Northeast Asia is expected to account for the largest share of 5G users by 2026, with an estimated 1.4 billion 5G users. Although North America and the Gulf Cooperation Council market are expected to account for the highest 5G user penetration rates, 5G mobile users account for 84% and 73% of all regional mobile users, respectively.

    In addition, Ericsson also predicts in the report that by 2021, large-scale IoT technology (NB-IoT and Cat-M) connections will increase by nearly 80%, reaching nearly 330 million connections. By 2026, these technologies are expected to account for 46% of all cellular IoT connections.

  • Nokia, Qualcomm, and UScellular set a world record for extended-range 5G millimeter wave

    Nokia, Qualcomm, and UScellular announced recently that the three parties have achieved a world record of millimeter-wave coverage at a communication distance of more than 10 kilometers using extended-range 5G millimeter-wave solutions under commercial networks.

    Snapdragon 778G 5G

    The field test was completed under the UScellular commercial network on Grand Island, Nebraska, based on the 28GHz (n261) frequency band, using Nokia AirScale millimeter-wave wireless base stations. The above three companies conducted joint tests in multiple locations for different scenarios, respectively measuring the communication distance, upload, and download throughput, and delay. In more than 10 kilometers, the average download speed is about 1Gbps, and the upload speed is close to 57Mbps. In addition, a download speed of approximately 750 Mbps is achieved at a communication distance of more than 11 kilometers.

    This important milestone shows that Nokia’s extended-range 5G millimeter wave solution and the first-generation Qualcomm fixed wireless access platform enable mobile operators such as UScellular to bridge the connection gap in areas where there was no Internet connection service or insufficient coverage before. 5G millimeter waves will help bridge the digital divide and provide the ultimate capacity in rural, suburban, and urban areas.

    Via: Yahoo!Finance

  • Intel announces 5G Solution 5000, 5G network card for Tiger Lake notebook

    Intel recently announced the Tiger Lake-Refresh series, which directly pulls the low-voltage mobile CPU to the maximum turbo frequency of 5.0GHz, which is an unprecedented thing. Coincidentally, they also released another “5G” product. It is a 5G network solutions.

    Intel actually had a bumpy experience in doing 5G. They did 4G network baseband business for mobile phones a few years ago. It also provided a baseband for Apple iPhone and planned the two companies to cooperate in the development of 5G baseband. Unfortunately, in the end, Apple chose the more advanced Qualcomm baseband.

    Intel is no longer willing to engage in 5G basebands for mobile phones and sold them directly to Apple. However, 5G networks are a major market trend after all, and Intel naturally cannot get away completely, so they chose to cooperate with MediaTek later. This time 5G Solution 5000 is the product of cooperation between Intel and MediaTek. The 5G Solution 5000 is actually based on MediaTek’s T700 solution.

    In order to cooperate with the Intel Tiger Lake platform and the 5G network connection needs of some notebooks on the Alder Lake platform in the future, the 5G Solution 5000 adopts the PCIe specification M.2 interface card form, supports 5G NR and Sub 6GHz frequency bands, and the maximum upload and download rates are respectively 1250Mbps and 4700Mbps.

    As for the actual product, it was handed over to Fibocom for launch. The product model is FM350-GL. Intel will cooperate with operators to promote it in many countries and regions around the world.

  • TSMC received an order for Qualcomm’s high-end 5G chips

    Recently, Samsung and Qualcomm have launched a series of cooperation, each based on their own interests. The former needs to find large customers to support production capacity to support the development of new processes in order to catch up with TSMC. Since Qualcomm does not have its own fab, it will continue to evaluate third-party foundries to confirm which foundries will produce new chips to ensure that the designed chips can be released on time, and at the same time, to allow yourself to get higher profits from new orders.

    Qualcomm Snapdragon 870 5G

    Samsung is currently completing Qualcomm’s orders, including Qualcomm’s current strongest Snapdragon 888 and the latest Snapdragon 780, which are manufactured using Samsung’s 5nm process. According to Wccftech, Qualcomm has recently placed a batch of urgent orders for high-end 5G chips from TSMC. Although TSMC’s production capacity is already very tight, it has accepted Qualcomm’s request. It is not clear what products this batch of high-end 5G chips refers to, and the specific delivery quantity and time are also unclear.

    These orders will alleviate the shortage of Qualcomm chips and consolidate the cooperative relationship between the two parties. Recently, due to Samsung’s 5nm process capacity problems, Qualcomm’s chip shortage has caused Qualcomm’s financial report to fall short of expectations. This may have triggered Qualcomm’s turn to TSMC to seek help to get out of the predicament. The current chip shortage has caused a chain reaction in the smartphone industry.

  • Use drones to protect 5G network security

    Recently, Giovanni Geraci, a researcher at the Department of Information and Communication Technology at the University of Pompeii Fabra (UPF), suggested the use of drones to improve the security of 5G networks.

    In a study published in the scientific journal IEEE Wireless Communications, Geraci explained that the fifth-generation mobile network will represent a true technological revolution, but it will also face severe security challenges before it is finally fully deployed.

    Research conducted by Geraci and researchers from the Department of Electronics and Computer Engineering of Mississippi State University in the United States shows that: “On the one hand, it is important to protect the network when it is disturbed by a drone that has connected and generates interference. On the other, in the future, the same drones could assist in the prevention, detection, and recovery of attacks on 5G networks.”

    The report suggests that 5G terrestrial networks will never be 100% safe. Based on this premise, drones can be used to prevent and defend against malicious attacks.

    The researchers pointed out that the diversity of drones and the mobility of three-dimensional space can effectively enhance advanced wireless network security in multiple areas to resist various espionage, jamming, and phishing attacks and quickly detect and recover from attacks.

    In addition, with the integration of (Unmanned Aerial Vehicles) UAV unmanned equipment such as self-driving cars in the future 5G mobile network, it will also face potential attack risks from UAVs. Once drones fly over the base station, they will cause interference or even launch malicious applications, similar to a “flying pseudo base station”, threatening all mobile phones connected to the drone.

    Via: helpnetsecurity

  • Qualcomm may integrate X60 5G baseband for Snapdragon 875

    In 2019, Qualcomm launched the Snapdragon 855 Plus chip, which is a product with a slightly enhanced performance compared to the Snapdragon 855 chip. Both use the Kryo 485 architecture and 7nm process. Besides, there is no update in terms of functions.

    This year, when Qualcomm released the Snapdragon 865 Plus chip, in addition to some small improvements in performance, it also unexpectedly added support for WiFi 6E and Bluetooth 5.2. This makes it a common practice every year to update the Plus version of the chip. People are interested in looking forward to it.

    Snapdragon 8cx 5G

    Today, whistleblower Roland Quandt tweeted on Twitter that there will still be the Snapdragon 875 Plus chip next year, its codename is Lahaina+.

    According to recent news in the technology circle, this Snapdragon 875 Plus chip may also be named the Snapdragon 875G chip, and it will be foundry by Samsung, which has just received a Qualcomm USD 850 million production agreement.

    At the same time, there is also news that the Snapdragon 875 chip will use the new Kryo 685 architecture, based on the ARM Cortex X1 Super Core, and its performance is 20% better than Cortex A77.

    The news also stated that Qualcomm may integrate an embedded Snapdragon X60 5G modem for the Snapdragon 875 chip and will no longer require customers to purchase a separate 5G baseband.

    Via: wccftech