Network flaw exposes phone calls to hackers - geeko

When you make a phone call over the LTE network, it is automatically encrypted. However, according to a survey conducted by German researchers at the Horst Görtz Institute at Ruhr-Universität Bochum, this is not always the case. The latter have indeed discovered that it is possible to exploit a security flaw within the LTE network, also called 4G, to spy on phone calls.

The researchers explained in their report that LTE encrypts phone calls with security keys. However, the latter can be reused for several calls, which means that a hacker could very well recover one of these keys and reuse it to break the encryption of a telephone call, in order to listen to the exchanges.

However, the hacker would have to be in the same cell of the 4G network, the area of ​​which varies from a few tens of meters to several hundred. After that, he will have to wait for his target to receive or start a phone call and then attack him.

This type of attack must necessarily be targeted

The German researchers explain that a hacker will have to contact his target and therefore call him to try to recover the encryption key of his previous call. "The attacker must initiate a conversation with his victim […] The longer the attacker speaks to his victim, the more he can decipher the content of the conversation", explains David Rupprecht, head of the search team. A process which necessarily implies that the hacker targets a particular person or that he has his telephone number.

German researchers tested this technique on a large number of randomly selected 4G LTE cells across the country. Almost 80% of them were found to be vulnerable to this attack, dubbed “ReVoLTE”. As 4G LTE is widely used, the number of potential targets is worrying. This is why the researchers immediately warned the telecommunications operators, but also the manufacturers of smartphones before publishing the results of their research.

The vulnerability has therefore already been largely fixed, but not for everyone. There remains a risk of piracy by this means. This is why an application was developed by the researchers to verify that the 4G cell used by his phone was safe or not. Unfortunately installing the application is not the most helpful. To prevent your conversations from being hacked and overheard, avoid staying on the phone for too long with people you don't know. These could monopolize you to steal your security key.

By the Web

Canada: Thousands of Government Service Online Accounts Hacked

High-Tech

Android: Bluetooth flaw exposes users

  • High-Tech
  • Smartphone
  • listening
  • Cyber ​​attack
  • Hacker
  • Spying
  • Cybersecurity
  • Telecommunications
  • Telephony
  • Telecom operators