A researcher at the University of Luxembourg has demonstrated a new class of attacks against mobile phones at the security conference DeepSec in Vienna. Using a base transceiver station (available for 1000 euro) he has shown how common programming errors in the communication stack of mobile phones can be exploited to gain control of the devices.
Ralf-Philipp Weinmann found devastating flaws in a large percentage of cellular communication stacks. According to him, sufficiently motivated attackers are able to attack phones in a way that is almost undetectable. Vulnerable cell phones can be taken over if they are within the range of the rogue transceiver, which may mean hundreds of phones at a time in crowded urban areas. Attackers can cause billing problems by either dialing premium numbers or sending text messages to premium services; or they can monitor the complete communications of the cell phone user.
Eavesdropping on nearby cell phones is also possible by making the vulnerable cell phone pick up incoming calls automatically -- without the user noticing.The attacking transceiver needs to be online for just a couple of seconds to perform the attack.
The University of Luxembourg, is working together with a number of vendors for both cellular communication chips and mobile phones. The objective is to fix the security flaws found and to prevent similar flaws from happening in the future.
Cite This Page: