Researchers have discovered a new type of IMPersonation Attacks on 4G LTE networks, called IMP4GT hackers exploit the lack of protection of user data integrity and infiltrate malicious content to mimic victims. 4G Long Term Evolution or LTE is the latest mobile communication standard and is used by hundreds of millions of people worldwide for fast access to Internet. Also, 4G LTE (IMP4GT) impersonation attacks can inject arbitrary packets and gain access to payloads of existing packages. The IPV4 protocol at Android and the IPV6 protocol at iOS and Android are vulnerable to IMP4GT attacks while also affecting all LTE devices such as mobile phones, laptops, tablets and many others.
Researchers used two different variants of counterfeiting attack on an LTE trading network to breach common authentication and execute counterfeit attacks with the help of open-source LTE Software Stack srsLTE from Radio System Software.
- The first variant concerns uplink counterfeiting. According to Uplink spoofing, hackers have the ability to bring victims to the networks and use arbitrary IP services, such as websites, with the identity of the victim. During the counterfeit attack, all the traffic generated by the hacker is linked to the address IP of the victim.
- The second variant concerns downlink impersonation, which allows a hacker to establish a TCP / IP connection to the phone that bypasses any LTE network firewall mechanism. The hacker cannot breach any security mechanism above the IP level. This results in the hacker being able to bypass any authorization, accounting or firewall a provider. Researchers are conducting experiments to confirm their speculation and demonstrate what an IMP4GT actually does to a setup. As a result, they can access the site of a service that only the user should have access to, or bypass the provider's firewall.
The researchers compare this method of attack with IMSI catchers / Stingrays which can operate successfully up to about 2km. In both of these attacks, the hacker simulates a malicious network to the victim. This attack affects all network providers, making all networks equally vulnerable, and this situation is expected to be corrected with forthcoming specifications 5G.