Ad Home

LTE (4G) Flaw Lets Hackers Hijack Users Browsing Session And Spy On You !

LTE (4G) Flaw Lets Hackers Hijack Users Browsing Session And Spy On You

LTE (Long-Term Evolution), also known as the 4G network, not only offers Internet at higher speeds with security but also brings many security improvements over the predecessor standard known as GSM (Global System for Mobile) communications. LTE is used by millions of people across the globe.

The LTE (Long Term Evolution) was created to improve the data transfer rate of the current mobile networks and also improve the security of the network. The LTE is used by general consumers and also by large organizations. An attack named aLTEr has been written about by researchers David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Popper and takes advantage of a vulnerability in the second layer of an LTE network which is also known as the data link layer.

The attack can hijack your browsing session and also allow the attacker to redirect the user to different services using DNS spoofing. The attack is dangerous but it also requires a $4000 worth of hardware to perform it. A video has been posted to see how the hack works on the commercial LTE networks. The video actually shows Hotmail being redirected to a spoofed version of the website which exactly looks like Hotmail.

The data link layer protects the data using encryption and also decides how the user accesses his data in the network. The data link layer also helps in correcting the transmission errors to help the physical channel to reduce the transmission errors. The data link layer helps the client to maintain the continuous data transmission between the client and the tower.

The aLTEr attack abuses the flaw in the inherent design of LTE so in layman’s terms it cannot be fixed. The aLTEr creates a fake cell tower takes the requests from the user reads them and forwards them to the real tower but modifies some key points of the data. The layers above the data link layers are protected by the mutual connection with the cell tower but the layers below it is not protected by the same mechanism hence it is easy for the attacker to modify the data in the layers. The attacker will take advantage of this layer to change which service the user uses or visits.

No comments