Attacker Can Impersonate Other Mobile Phone Users (Feb 24, 2020)
Researchers at Ruhr-Universität Bochum have identified a vulnerability in 4G that allows for user impersonation. This enables purchases to be made without the user’s knowledge such as streaming services, that are sent to the victim’s mobile phone bill. The vulnerability affects all devices that connect to 4G, which includes mobile phones, tablets and even some household appliances. In order for an attack to occur, the perpetrator must be within the vicinity of a victim where they can modify data packets. The modification can make the phone and base station decrypt or encrypt messages into plain text, along with sending commands to the phone that are encrypted and forwarded to the phone provider.
Recommendation: Due to the nature of the vulnerability, the only fix is a hardware solution that is not easily implemented. Users should monitor their mobile phone bills for unauthorized payments coming from their accounts.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.