Researchers from Pennsylvania State University have revealed serious security vulnerabilities in several 5G basebands, which could allow hackers to stealthily access and spy on mobile users. The findings were presented at the Black Hat cybersecurity conference in Las Vegas and detailed in an academic paper published Aug. 7.
The team developed a new tool named “5GBaseChecker” to detect flaws in basebands produced by major manufacturers such as Samsung, MediaTek, and Qualcomm. These basebands are used in popular smartphones from Google, OPPO, OnePlus, Motorola, and Samsung.
#BHUSA Briefing "Cracking the 5G Fortress: Peering Into 5G's Vulnerability Abyss" will introduce a new security analysis tool 5GBaseChecker and showcase the application of this framework in identifying critical security vulnerabilities. Register here>> https://t.co/VeaOKJBO6d pic.twitter.com/8qmHeDoKJy
— Black Hat (@BlackHatEvents) May 18, 2024
What is the 5GBaseChecker basebands tool?
In their paper, “Logic Gone Astray: A Security Analysis Framework for the Control Plane Protocols of 5G Basebands,” the analysts explained their methodology. “We develop 5GBaseChecker— an efficient, scalable, and dynamic security analysis framework based on differential testing for analyzing 5G basebands’ control plane protocol interactions,” they said. The tool uses black-box automata learning to model baseband behaviors; the resulting models can then be used to pinpoint deviations in security properties that may signal vulnerabilities.
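The comparison step of differential testing can be sketched as follows. This is an added example, not code from 5GBaseChecker or the paper: it takes two already-learned state machines and searches for the shortest message sequence on which they answer differently. The two models, their state names and their message names are constructed for illustration and do not describe any real baseband.

```python
from collections import deque

# Constructed toy Mealy machines: state -> {input: (output, next_state)}.
# Message names are illustrative; neither table models a real baseband.
MODEL_A = {
    "idle":   {"auth_request": ("auth_response", "authed"),
               "security_mode_command": ("no_response", "idle"),
               "config_update": ("no_response", "idle")},
    "authed": {"auth_request": ("auth_response", "authed"),
               "security_mode_command": ("security_mode_complete", "secure"),
               "config_update": ("no_response", "authed")},
    "secure": {"auth_request": ("auth_response", "authed"),
               "security_mode_command": ("security_mode_complete", "secure"),
               "config_update": ("config_ack", "secure")},
}
# MODEL_B differs in one transition: it acknowledges config_update
# before the security mode procedure has completed.
MODEL_B = {state: dict(moves) for state, moves in MODEL_A.items()}
MODEL_B["authed"]["config_update"] = ("config_ack", "authed")

def first_deviation(a, b, start="idle"):
    """Breadth-first search over the product of two models.

    Returns (inputs, output_a, output_b) for a shortest input sequence on
    which the models answer differently, or None if no such sequence exists.
    Assumes both models share the same input alphabet and start state name.
    """
    seen = {(start, start)}
    queue = deque([(start, start, ())])
    while queue:
        sa, sb, trace = queue.popleft()
        for symbol in sorted(a[sa]):
            out_a, next_a = a[sa][symbol]
            out_b, next_b = b[sb][symbol]
            if out_a != out_b:
                return trace + (symbol,), out_a, out_b
            if (next_a, next_b) not in seen:
                seen.add((next_a, next_b))
                queue.append((next_a, next_b, trace + (symbol,)))
    return None

if __name__ == "__main__":
    print(first_deviation(MODEL_A, MODEL_B))
```

A deviation found this way is only a candidate for review: it has to be checked against the specification to decide which implementation, if either, is wrong.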
Their testing uncovered 22 implementation issues, including 13 exploitable vulnerabilities and two interoperability concerns.
The research group, which includes Kai Tu, Yilu Dong, Abdullah Al Ishtiaq, Syed Md Mukit Rashid, Weixuan Wang, Tianwei Wu, and Syed Rafiul Hussain, has made 5GBaseChecker available on GitHub to assist other researchers in identifying security flaws in 5G technologies.
Hussain, an assistant professor at Penn State, wrote in a post on X: “This automated and scalable security analysis framework unveiled 22 issues, with 13 exploitable ones in 17 5G basebands.”
Excited to share 5GBaseChecker's acceptance to USENIX Security'24! This automated and scalable security analysis framework unveiled 22 issues, with 13 exploitable ones in 17 5G basebands. Stay tuned for the paper and tool release post-embargo. Hats off to my amazing students! pic.twitter.com/KV7Lt4koot
— Syed Rafiul Hussain (@SyedRafiul) March 21, 2024
One particularly startling discovery was the “5G AKA Bypass,” a severe vulnerability in a widely used 5G baseband that could let attackers intercept Internet data and send phishing SMS messages.
“The implications of this attack are profound; it affects users globally who utilize 5G devices with that particular baseband. This flaw violates the underlying security guarantees of 5G technology, leaving users’ security and privacy completely compromised,” the team explained.
The post Hackers could exploit major 5G baseband security flaw, researchers say appeared first on ReadWrite.