Jump to content

Vulnerability in 4G LTE allows you to pretend to be any device on a mobile network

Recommended Posts


A joint group of researchers from the Ruhr and New York Universities has developed a new attack method that makes it possible to impersonate a legitimate user on a mobile network. The technique, called IMP4GT (IMPersonation Attacks in 4G NeTworks), exploits a vulnerability in 4G LTE, namely, the lack of protection of the integrity of user data in LTE.

At the time of connecting or activating subscriber equipment in the network, the network starts the authentication procedure and key agreement agreement AKA (Authentication and Key Agreement). The purpose of this procedure is the mutual authentication of the subscriber and the network and the development of the KASME intermediate key. In LTE networks, mutual authentication occurs on the control plane, however, on the user plane there is no verification of the integrity of user data, which an attacker can use to manipulate and redirect IP packets.

In addition to the lack of integrity checking, the IMP4GT attack exploits the reflection mechanism in the IP stack of the mobile operating system. Specialists described two attack scenarios affecting the upstream and downstream channels of the network. In the first case, the attacker pretends to be a legitimate device on the network and can use any site disguised as a victim. In this case, all traffic generated by the attacker will be associated with the IP address of the victim.

In the second case, the attacker can establish a TCP / IP connection with the phone and bypass any mechanism of the LTE network firewall (does not apply to protective mechanisms above the IP level).

According to researchers, an attacker can impersonate a device or network at an IP level and send or receive IP packets under the guise of a stolen identity, but an attacker will not be able to access private e-mail accounts or instant messengers, make calls or crack TLS encryption. In addition, such an attack is quite difficult to implement, since it will require special skills and equipment, and the attacker himself must be close to the victim.

Specialists will present more detailed information about the IMP4GT method at the NDSS Symposium 2020 conference, which will be held in San Diego in late February.



Source: https://www.securitylab.ru/news/505155.php

  • Upvote 1

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...