Newsportal - Ruhr-Universität Bochum

Many users take out paid subscriptions via their smartphone. A vulnerability in LTE allows attackers to do this on behalf of others.
© RUB, Kramer
LTE vulnerability

Attackers can impersonate other mobile phone users

They can thus start a subscription at the expense of others or publish secret company documents under someone else’s identity.

Exploiting a vulnerability in the mobile communication standard LTE, also known as 4G, researchers at RUB can impersonate mobile phone users. Consequently, they can book fee-based services in their name that are paid for via the mobile phone bill – for example, a subscription to streaming services.

“An attacker can book services, for example stream shows, but the owner of the attacked phone would have to pay for them,” illustrates Professor Thorsten Holz from the Horst Görtz Institute for IT Security, who discovered the vulnerability together with David Rupprecht, Dr. Katharina Kohls and Professor Christina Pöpper. The team from Bochum will present the results on 25 February 2020 at the Network Distributed System Security Symposium, NDSS for short, in San Diego, USA. Details of the attacks are also available on the website www.imp4gt-attacks.net.

David Rupprecht and Dr. Katharina Kohls from the Chair of System Security developed attacks to exploit security gaps in the mobile phone standard LTE.
© RUB, Kramer

According to the researcher, the vulnerability may also affect investigations by law enforcement agencies, because attackers can not only make purchases in the victim’s name but can also access websites using the victim’s identity. For example, an attacker can upload secret company documents, and to network operators or law enforcement authorities it would look as if the victim were the perpetrator.

Almost all mobile phones and tablets at risk

The discovered vulnerability affects all devices that communicate with LTE, i.e. virtually all mobile phones, tablets, and some connected household appliances. Only changing the hardware design would mitigate the threat. The Bochum-based team is attempting to close the security gap in the latest mobile communication standard 5G, which is currently being rolled out. “From a technical perspective this is possible,” explains David Rupprecht. “However, mobile network operators would have to accept higher costs, as the additional protection generates more data during the transmission. In addition, all mobile phones would have to be replaced and the base station expanded. That is something that will not happen in the near future.”

Attacker has to be nearby

The problem is the lack of integrity protection: data packets are transmitted encrypted between the mobile phone and the base station, which protects the data against eavesdropping. However, it is possible to modify the exchanged data packets. The researchers can convert the encrypted data traffic between the mobile phone and the base station into plain text, and also send commands to the mobile phone, which are then encrypted and forwarded to the provider – such as a purchase command for a subscription. However, for a successful attack, the attacker must be in the vicinity of the victim’s mobile phone.
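The difference between encryption alone and encryption with integrity protection, and the extra bytes the latter adds to each packet, can be shown in a small added example. It is not the researchers' code: the SHA-256 keystream, the 4-byte HMAC tag, the keys and the payloads are all assumptions standing in for the real LTE algorithms and traffic.

```python
import hashlib
import hmac

TAG_LEN = 4  # assumption: size of the truncated integrity tag, in bytes

def keystream(key: bytes, counter: int, length: int) -> bytes:
    """Toy counter-mode keystream built from SHA-256 (stand-in cipher)."""
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crypt(key: bytes, counter: int, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the keystream, no integrity check."""
    return xor(data, keystream(key, counter, len(data)))

def tag_for(mac_key: bytes, counter: int, ciphertext: bytes) -> bytes:
    msg = counter.to_bytes(4, "big") + ciphertext
    return hmac.new(mac_key, msg, hashlib.sha256).digest()[:TAG_LEN]

def protect(enc_key, mac_key, counter, plaintext):
    """Encrypt, then append a tag computed over counter and ciphertext."""
    ct = crypt(enc_key, counter, plaintext)
    return ct + tag_for(mac_key, counter, ct)

def unprotect(enc_key, mac_key, counter, packet):
    """Return the plaintext, or None if the tag does not verify."""
    ct, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    if not hmac.compare_digest(tag, tag_for(mac_key, counter, ct)):
        return None
    return crypt(enc_key, counter, ct)

def demo() -> dict:
    enc_key, mac_key = bytes(range(16)), bytes(range(16, 32))  # constructed keys
    sent, altered = b"value=0001", b"value=9001"               # constructed payloads
    delta = xor(sent, altered)           # change applied to the packet in transit
    ct = crypt(enc_key, 7, sent)
    packet = protect(enc_key, mac_key, 7, sent)
    modified = xor(packet[:-TAG_LEN], delta) + packet[-TAG_LEN:]
    return {
        "encryption_only": crypt(enc_key, 7, xor(ct, delta)),   # decrypts cleanly
        "protected_intact": unprotect(enc_key, mac_key, 7, packet),
        "protected_modified": unprotect(enc_key, mac_key, 7, modified),
        "overhead_bytes": len(packet) - len(ct),
    }

if __name__ == "__main__":
    print(demo())
```

The receiver of the encryption-only packet has no way to notice the change, while the tagged packet is rejected at the cost of `TAG_LEN` extra bytes per packet.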

Thorsten Holz heads the Chair of System Security and is a Speaker at the Casa cluster of excellence.
© Mareen Meyer
Published: Monday, 17 February 2020, 12.11 PM
By Julia Weiler (jwe)
Translated by Donata Zuber