A group of researchers discovered 5G vulnerability that could compromise your mobile phone security. The vulnerabilities are located in different frequency bands and allow an attacker to conduct various attacks to gain access to your data. In more extreme cases, the vulnerability can be used to spy on the victim’s messages.
In accordance with TechCrunchResearchers at the University of Pennsylvania have found serious security flaws in the group basebands developed by Samsung, MediaTek and Qualcomm. This firmware, whose primary function is to control mobile communications with cell towers and other wireless networks, has a vulnerability that leaves your communications at the mercy of a hacker.
According to the researchers, the attacker couldtrick your device into connecting to a fake base station. From there, it would send phishing attacks via text messages or redirect the user to a website to steal their data. Another vulnerability would allow it to determine the location of the device and launch a DDoS attack.
The discovery was made possible thanks to 5GBaseCheckera tool that can identify firmware security flaws. 5GBaseChecker analyzes the interactions of 5G baseband control plane protocols for tampering. After testing 17 commercial 5G basebands, the team found that 13 Vulnerabilities That Can Be Exploited and 2 compatibility issues.
The decision concerns Samsung, Motorola, Google and other manufacturers.
The vulnerabilities mainly affect mobile phones from Samsung, Motorola, Google, Oppo and OnePlus. Kai Tu, one of the authors of the study, noted that By degrading the protocol, it will be possible to spy on the victim’s messages.The worst part is that the user will never know about it, since the attack is completely silent.
The good news is that some manufacturers have already fixed this bug. Samsung and Google patched vulnerabilities through a software update. As with the other findings, vendors were aware of the findings before they were made public. The researchers say 12 of the 13 vulnerabilities have been patched.
Syed Rafiul Hussain, another of the study’s authors, commented that There is a permanent solution to protect 5G networks. The lack of authentication in the initial messages broadcast from cell towers is “the root of all evil,” Hussein says. The researcher warns that carriers can use public key infrastructure (PKI), but this is an expensive process because it requires updating all the towers.
Source: Hiper Textual
I’m Ben Stock, a highly experienced and passionate journalist with a career in the news industry spanning more than 10 years. I specialize in writing content for websites, including researching and interviewing sources to produce engaging articles. My current role is as an author at Gadget Onus, where I mainly cover the mobile section.
