Want to share with your friends too?

Science
25 Feb 2019

Hackers can use these 4G, 5G vulnerabilities to track you

Critical security flaws found in 4G and 5G

Security researchers have identified critical vulnerabilities in 4G and 5G networks, bugs that allow hackers to intercept phone calls and use them to track locations.

The attack methods require some technical knowledge but can give away your location easily if executed successfully.

Not to mention, this can also lead to a significant rise in government tracking attempts.

Here's more on the flaws.

In context

Critical security flaws found in 4G and 5G
Paging protocol bug in 4G and 5G

Bugs

Paging protocol bug in 4G and 5G

Speaking to TechCrunch, the researchers detailed the attacks stemming from the vulnerabilities.

The first, called Torpedo, revolves around exploiting a weakness in the paging protocols used by carriers to notify a phone about an incoming call/message.

They discovered that making multiple calls and canceling them over a short period triggers a paging message without alerting the device of an incoming call.

Then, the call can be used for tracking

Once an attacker manages to exploit the bug to send a call without alerting the targeted device, they could use it to track the location of the device. However, they didn't give an exact explanation for how that would happen.

Love Tech news?

Stay updated with the latest happenings.

Notify Me

Additional flaws

Plus, Torpedo opens gates for two other bugs

The research group, which will present their findings at the upcoming Network and Distributed System Security Symposium, noted that the Torpedo attack also opened gates for two other attacks.

The first attack, named Piercer (on 4G), gives away unique IMSI numbers used to identify users of a network, while the second (4G, 5G) revolves around cracking the same encrypted number through a brute-force technique.

This information also enables real-time tracking

Just like the first attack, the information from these two attacks also allows intruders to intercept calls and track the real-time location of their targets. In this case, the attacker would have to use site simulators like Stingrays used by the US government.

Is everyone affected from this bug?

Impact

Is everyone affected from this bug?

The researchers have emphasized that almost all 4G and 5G networks across the globe appear to be affected by this bug.

In the US alone, carriers like AT&T, Sprint, T-Mobile, and Verizon have been impacted by Torpedo.

Syed Rafiul Hussain, a researcher involved in the work, told TechCrunch that "any person with a little knowledge of cellular paging protocols can carry out this attack".

Fix

Fix may come soon

Having said that, it is important to note that all three attacks have been reported to the GSMA, the industry body representing cellular networks.

The organization, according to the researchers, has recognized the bugs, but it still remains unclear when a fix might be released.

They think the body should fix Torpedo first as it leads to the other two attacks.

Meanwhile, India inches closer to 5G

5G in India

Meanwhile, India inches closer to 5G

The report comes just as telecom giants and gear makers continue to carry out tests to set up 5G infrastructure in India.

They plan to make the next-gen network available in 2020, following spectrum auction, equipment testing, and ecosystem development by the end of this year.

Notably, 5G will connect to the internet in 1 millisecond and offer 10-100 times faster speeds than 4G.

Ask NewsBytes
User Image

Most asked questions

When these bug will be fixed?

Can these bugs allow someone to listen in on calls?

Are there any other bugs in 5G?

Are networks in India also impacted?

More questions

When these bug will be fixed?

Asked 2019-02-25 17:04:50 by Trisha Patel

Answered by NewsBytes

These bugs have been reported and should be fixed in a short while.

Can these bugs allow someone to listen in on calls?

Asked 2019-02-25 17:04:50 by Aaryan Chatterjee

Answered by NewsBytes

No, from what the researchers have told, they can only reveal your location.

Are there any other bugs in 5G?

Asked 2019-02-25 17:04:50 by Angel Patel

Answered by NewsBytes

No, this appears to be the only issue associated with the 5G standard.

Are networks in India also impacted?

Asked 2019-02-25 17:04:50 by Dhruv Vyas

Answered by NewsBytes

The researchers have said some networks in Asia are also impacted by these bugs, so there's a possibility of impact on Indian networks.

Next Timeline