Summarize

Simplifying... Inshort

A research team discovered vulnerabilities in 5G basebands used in smartphones by Google, OPPO, OnePlus, Motorola, and Samsung, potentially exposing millions of users to spying.
The flaws allowed hackers to trick phones into connecting with a fake base station, enabling them to send phishing messages or direct users to harmful websites.
Most vendors have now patched these vulnerabilities, ensuring user safety.

Was a long read? Making it simpler...

Next Article

These compromised basebands are found in smartphones produced by Google, OPPO, OnePlus, Motorola, and Samsung

Flaw in 5G phones exposes millions of users to spying

By Mudit Dube

Aug 08, 2024

11:11 am

What's the story

A team of researchers from Pennsylvania State University has revealed a series of security vulnerabilities in 5G basebands, the processors that enable phones to connect to mobile networks. These flaws could potentially be exploited by cybercriminals to infiltrate and spy on victims covertly. The findings were presented at the Black Hat cybersecurity conference in Las Vegas and also published in an academic paper.

Tool discovery

Custom tool uncovers vulnerabilities in 5G basebands

The research team, including Kai Tu, Yilu Dong, Abdullah Al Ishtiaq, Syed Md Mukit Rashid, Weixuan Wang, Tianwei Wu, and Syed Rafiul Hussain used a custom-made analysis tool named '5GBaseChecker.' This tool was instrumental in identifying vulnerabilities in basebands manufactured by Samsung, MediaTek and Qualcomm. These compromised basebands are found in smartphones produced by Google, OPPO, OnePlus, Motorola, and Samsung, among others.

Attack demonstration

Researchers demonstrate potential attacks using baseband flaws

The research team has made 5GBaseChecker available on GitHub for other researchers to use in their search for 5G vulnerabilities. Hussain, an assistant professor at Penn State University, revealed that he and his students were able to trick phones with these vulnerable 5G basebands into connecting with a fake base station. This connection served as a launchpad for their attacks.

Threat potential

Exploitation of 5G baseband flaws poses significant threat

Tu, a member of the research team, highlighted their most critical attack that allowed them to exploit the phone from the fake base station. He stated that "the security of 5G was totally broken." He further added that "the attack is totally silent." By exploiting these vulnerabilities, a malicious hacker could impersonate a friend of the victim and send a convincing phishing message or direct the victim's phone to a harmful website.

Additional risks

Researchers discover additional risks and potential eavesdropping

The researchers also discovered that they could downgrade a victim from 5G to older protocols like 4G or even older ones. This tactic made it easier for them to eavesdrop on the victim's communications. Most vendors contacted by the researchers have addressed these vulnerabilities. As of now, 12 vulnerabilities in different 5G basebands have been identified and patched.

Industry response

Tech giants respond to 5G baseband security flaws

Samsung spokesperson Chris Langlois confirmed that the company had "released software patches to affected smartphone vendors to address and resolve this matter." Google's Matthew Flegal also confirmed that the flaws were now fixed. However, MediaTek and Qualcomm did not respond to a request for comment on these security issues. This industry response indicates a proactive approach toward addressing these newly discovered 5G baseband vulnerabilities.