Don't hang up on your call
just yet but some Samsung Galaxy Phones -- the S6, S6 Edge and Note 4, in
particular -- have a demonstrated vulnerability that connects them to fake
cellular base stations.
Own a Samsung Galaxy S6, S6
Edge or Note 4? A determined, knowledgeable hacker could intercept your voice calls to listen in or
even record conversations. A pair of researchers demonstrated exactly that
scenario this week at the Mobile Pwn2Own competition in Tokyo, reports The
Register.
The issue appears to be with
Samsung's baseband chip in the handsets, which allow for this type of exploit.
Don't hang up just yet on your
phone calls if you have one these Galaxy devices though; it's not likely that
anyone is tuned in and Samsung has been made aware of the issue.
Daniel
Komaromy and Nico Golde, the pair who demonstrated the hack on and
out-of-the-box and freshly updated handset, have turned over their findings to
Samsung and kept the details out of the public's eye.
To
intercept calls, the pair set up an OpenBTS base station that nearby phones
think is a legitimate cellular tower. That base station then can remotely
tinker with a phone's baseband software -- the bits that manage cellular radio
connections -- without the user even knowing.
The end
result is that phone calls are routed first through unofficial base station
where the call is redirected to a SIP proxy server and then passed through
official cellular networks. Essentially, it's a cellular man-in-the-middle
attack and callers have no idea it's happening.
It's not
yet clear if the team can replicate the hack on other phones that use baseband
chips from other providers, but I'm skeptical of that. It sounds more to me
like an issue specific to Samsung's chipset; I'd expect a baseband firmware
update from the company in the near future now that it has information on the
security hole.
0 comments:
Post a Comment