Researchers from Germany's Ruhr-Universität Bochum recently discovered a new bug in mobile devices 4G/ LTE which could be exploited by hackers to tell the owner of the phone. The team is expected to present the results of its research to Network Distributed System Security Symposium in San Diego.
In particular, hackers have the ability to breach and manipulate user accounts, download illegally authenticated documents, and even block encrypted internet traffic, due to an error on all devices using the LTE service. However, it is highly unlikely that an average user will fall victim to this "Hacking" attack. This is due to the fact that it is quite a complicated hack and therefore difficult to implement.
According to a security engineer, Maya Levine, the hacker who has carried out the attack must have the necessary know-how and be close to the victim. He also points out that there is little chance that an average user will be the victim of this "hacking" attack, as opposed to a famous and prominent person who may have a large amount of sensitive information. Even then, however, the chances of a hacker being able to extract useful information are minimal, as most digital activities are encrypted.
Hackers can exploit this error in the following way: When an LTE mobile user moves, the nearest cell tower sends a signal to his device. The hacker must be in the same place as the potential victim to "fool" the cell tower and have the know-how to signal the original user and therefore send and receive LTE signals.
According to Mark Nunnikhoven, his vice president in cloud research for cyber security company Trend Micro, the hacker could also handle and direct a user's account by making international calls or using high-quality services provided by the victim's provider, such as subscribing to a TV package.
Hackers can also collect unencrypted information sent to the victim, which is however common only in activities such as Facebook and e-mail, while regular activities are almost unlikely to be affected by it.
However, the error can pose a problem for network providers and legal services, as they may find it difficult to control whether a particular user has performed the activities suggested by their device.
According to Darren Shou, head of technology at NortonLifeLock, the carrier could say "I received a request for this service and I charged you" and the user correspondingly replied "it wasn't me, it was a bad twin." What denial will there be? ”
Although discovering this error need not panic any LTE user, it reminds consumers, providers, and technologists of the need to constantly improve their security practices.
LTE error is not something a user can control, but there are other things he can control. For example, making sure your passwords have changed, knowing which links they click on, and freezing bank accounts when there is suspicious activity are the best practices to prevent hackers.
Finally, for technologists, the revelation about the LTE hack is another proof of how important encryption is, as hackers continue to find new ways to steal valuable and sensitive data.