
A vulnerability in old cellphone networks could allow hackers to intercept your smartphone browsing, say two security analysts.
David PĂŠrez and JosĂŠ PicĂł of the Spanish internet security company have devised a way to hijack a mobile phoneâs data communications, giving them access to any information passing in or out of the phone. They can even intercept requests for a website and replace the legitimate site with their own. Laptops and other devices using mobile internet are also vulnerable to attack, they say.
The pair at the Black Hat DC hacking conference in Arlington, Virginia, last week. It works by forcing the phone to connect to a fake mobile base station instead of one operated by a network provider. Itâs surprisingly easy to do â although mobiles need to authenticate themselves when connecting, base stations donât return the favour.
Advertisement
Back to 2G
This lack of security is based on the past assumption that base station technology is too expensive for the average hacker, but the pairâs hack uses hardware costing less than $10,000. While it isnât possible to spoof modern 3G networks in this way, the vulnerability remains in the older 2G systems like Edge or GPRS.
The researchers take advantage of this by jamming 3G signals in the area, forcing phones to switch to 2G. â99.9 per cent of the mobile devices that are 3G-capable will fall back to 2G service if 3G is not available,â explains Perez.
Once the phone is connected to the spoof network, the attacker can route all data traffic through their own computer. PĂŠrez and PicĂł say this allows the hacker to monitor browsing and also to mount phishing attacks by replacing legitimate online banking websites with their own versions. In the latter case the victimâs browser will warn them that the site is not secure, but users often ignore these messages.
Laptops using mobile internet are even more vulnerable, as the attack can give access to software with known vulnerabilities, allowing the attacker to take full control of the computer.
No fix
Perez says that this flaw in 2G networks cannot easily be fixed by network providers, leaving it up to users to protect themselves by encrypting the connection or using only 3G. âIf your device gives you the option, configure it to accept only 3G and reject 2G,â he recommends â but many popular devices like the iPhone donât give this option, and blocking 2G is likely to leave you with spotty network coverage in any case.
, a researcher in communication and computer networks at the University of Manchester, UK, agrees that users should protect themselves from this kind of attack with encryption. âThis ensures that in the event that traffic is intercepted, the attacker cannot read it,â she says. âEspecially when nowadays many people use their mobile devices for financial transactions and paying bills.â