Home Technology Hackers could exploit major 5G baseband security flaw, researchers say

Hackers could exploit major 5G baseband security flaw, researchers say

61
0


Researchers from Pennsylvania State University have revealed serious security vulnerabilities in several 5G basebands, which could allow hackers to stealthily access and spy on mobile users. The findings were presented at the Black Hat cybersecurity conference in Las Vegas and detailed in an academic paper published Aug. 7.

The team developed a new tool named “5GBaseChecker” to detect flaws in basebands produced by major manufacturers such as Samsung, MediaTek, and Qualcomm. These basebands are used in popular smartphones from Google, OPPO, and OnePlus, to Motorola, and Samsung.

What is the 5GBaseChecker basebands tool?

In their paper, “Logic Gone Astray: A Security Analysis Framework for the Control Plane Protocols of 5G Basebands,” the analysts explained their methodology. “We develop 5GBaseChecker— an efficient, scalable, and dynamic security analysis framework based on differential testing for analyzing 5G basebands’ control plane protocol interactions,” they said. The tool uses black-box automata learning to model baseband behaviors, which can then pinpoint deviations in security properties that may signal vulnerabilities.

Their testing uncovered 22 implementation issues, including 13 exploitable vulnerabilities and two interoperability concerns.

The research group, which includes Kai Tu, Yilu Dong, Abdullah Al Ishtiaq, Syed Md Mukit Rashid, Weixuan Wang, Tianwei Wu, and Syed Rafiul Hussain, have made 5GBaseChecker available on GitHub to assist other researchers in identifying security flaws in 5G technologies.

Hussain, an assistant professor at Penn State, wrote in a post on X: “This automated and scalable security analysis framework unveiled 22 issues, with 13 exploitable ones in 17 5G basebands.”

One particularly startling discovery was the “5G AKA Bypass,” a severe vulnerability in a widely used 5G baseband that could let attackers intercept Internet data and send phishing SMS messages.

“The implications of this attack are profound; it affects users globally who utilize 5G devices with that particular baseband. This flaw violates the underlying security guarantees of 5G technology, leaving users’ security and privacy completely compromised,” the team explained.

Featured image: Ideogram

The post Hackers could exploit major 5G baseband security flaw, researchers say appeared first on ReadWrite.





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here