The hacker is fully capable of accessing the 4G LTE network and playing the role of victim

According to foreign media reports, a group of researchers recently found multiple weaknesses in the 4G LTE network. Once hacked, users' phones and text messages are exposed to full exposure. In addition, hackers can exploit vulnerabilities to let devices lose signals, send fake alerts to devices, or track user locations.

The researchers who discovered these vulnerabilities were researchers from Purdue and the University of Iowa. In a research report, the experts detailed ten different types of attacks and the weaknesses of three key protocols in cellular networks that hackers can exploit.

“In this paper, we investigated the security and privacy issues of the three key programs in the 4G LTE protocol (such as connectivity, separation, and paging), and discovered potential design flaws in the protocol and the unsafe behavior of the carrier. We have come up with a test solution called LTE Inspector, which is based on model building and incorporates a symbolic model verifier and an encryption protocol verifier in the symbolic attacker model," the researchers said.

The team tested eight of the ten attacks using SIM cards from four major US carriers. Through identity-based relay attacks, they successfully bypassed network authentication and disguised as a victim's device.

Therefore, hackers are fully capable of accessing the 4G LTE network and playing the role of victim.

"With the LTE Inspector, we have come up with ten new types of attacks, plus the original nine, which are divided into three groups (such as security, user privacy and interrupt services, etc.), the paper wrote.

The paper also pointed out: "The most important problem we have discovered is the authentication relay attack, which allows people with ulterior motives to obtain the location of legitimate users, even with the appropriate credentials."

Researchers believe that these vulnerabilities are quite dangerous. After hackers defraud the location of user equipment, they can intervene in criminal investigations by even erroneous location information, and even make false evidence.

At the same time, if hackers send out warning messages, urgent notices and alerts, it may also cause social confusion.

In the test, the researchers found that a major US carrier has never used encryption at all, and hackers can exploit vulnerabilities and listen to text messages and other sensitive data. But there is also good news, that is, the US carrier has solved the vulnerability and made related upgrades.

However, the most terrible part of the study is not here. What's really scary is that the cost of exploiting these vulnerabilities is low, and it's easy to launch attacks with cheap equipment and open source 4G LTE protocol software (anyone can buy it).

It is estimated that the cost of building a set of attack equipment is only $1300-3900.

The researchers also said that when the operators complete the bug fix, they will announce the proof of concept code.