Saturday , November 28 2020

They can spy their calls on 4G and 5G networks


They have found three security failures which affects mobile phone networks 4G to 5G. Earlier this month, we learned about security breaking of 5G, 4G and 3G that allowed IMSI assistants to get spy talks. And now, a new deficit has found that 4G and 5G are affected, so they could be spyware calls phone and also know that location of the users that connect.

According to the explanations of one of the people involved in this investigation, & # 39; Anyone & # 39; with some information in cell protection protocols, we will be able to undertake this assault. If this vulnerability is exploited, as we said, it could be spy talks call, track the exact location of the users and launch targeted fishing attacks. One of the reasons is Torpedo & # 39;, which affects the protocol used to notify a device receiving a call or message; but from that time Piercer rises, which would allow to know IMSI from anyone, and IMSI-Cracio, to enforce IMSI number on 4G and 5G networks.

With a device of $ 200 you can only attack a 4G or 5G user to spy on your phone conversations

These security failures are on 4G to 5G It can be used with costly radio equipment only 200 dollars. Torpedo vulnerability allows you to make multiple calls –a canslo- In a short period of time, an unsupported search message to the target device is triggered. This can be used tracking the location the victim, but also for targeted fishing attacks and to hijack communications.

The three serious security problems were reported to the GSMA, and the agency has recognized that the vulnerability exists. However, the GSMA has not provided additional details, and it has not been clear when the problems could be resolved. Although Torpedo and IMSI-Cracking have to be resolved in the first instance by the GSMA, the responsibility of the telecommunications operators is the answer for the risk of the Piercer. And in any case, the priority is to install the Tordpedo security failure, about the type of assault that can be launched against users.

written by Carlos González

Source link