5G network flaws could be abused to let hackers spy on your phone

Telecommunication tower or Mobile phone tower with 5G cellular network . Global connection and internet network concept.on city background.
(Image credit: Shutterstock / Sakorn saenudon)

5G basebands could be exploited by attackers to allow them to send fake messages to your contacts, or even hand over your credentials using a very real-looking website, experts have warned.

Unveiled at the Black Hat cybersecurity conference, a research group from Pennsylvania State University presented their vulnerability sniffing tool 5GBaseChecker.

5G basebands are used to connect phones to mobile networks, but they can be exploited to connect them to fake network towers that are run by an attacker.

“Totally silent” attack 

The researcher team, comprised of Kai Tu, Yilu Dong, Abdullah Al Ishtiaq, Syed Md Mukit Rashid, Weixuan Wang, Tianwei Wu, and Syed Rafiul Hussain, made their tool available to search for vulnerable Samsung, MediaTek and Qualcomm basebands, which are used by a number of popular phone manufacturers, including the likes of Google, Motorola and Samsung.

Among the possible avenues of attack from the fake base station, Tu highlighted a circumstance in which an attacker could potentially send a very real looking message from a friend to the victims phone opening up the potential for convincing phishing messages to be delivered from a supposedly credible source.

Tu states that once the phone connected to the fake base station, “the security of 5G was totally broken. The attack is totally silent.”

Another potential method of attack using a fake base station could be redirecting the target phone to a fake, but very real looking website such as a social media site or email login, and then stealing the credentials used to log in. To add further sting to the attack, the base station could also be used to downgrade the target phone to 4G, making it easier to snoop on the device.

So far, most of the vulnerabilities discovered in the basebands have been patched by the manufacturers, with spokespeople for both Samsung and Google telling TechCrunch that the flaws in their devices were now patched.

More from TechRadar Pro

TOPICS
Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.