‘Ghost telephonist’ lets hackers take over phone numbers

mk76

Well-Known Member
Adept
Dec 4, 2008
787
303
153
‘Ghost telephonist’ lets hackers take over phone numbers


The demonstration was made on Sunday (30.07.2017) by the UnicornTeam researchers from 360 Technology, China’s leading security company, at the ongoing hacker summit Black Hat USA 2017.

In the team’s presentation, security researchers introduced one vulnerability in CSFB (Circuit Switched Fallback) in 4G LTE network.

In the CSFB procedure, the researchers found the authentication step is missing.

“Several exploitations can be made based on this vulnerability,” Unicorn Team wireless security researcher Huang Lin, told Xinhua.

“We have reported this vulnerability to the Global System for Mobile Communications Alliance(GSMA)”.


After hijacking a user’s communication, researcher signed in the user’s Google Email and clicked “forget the password”. Since Google sends verification code to the victim’s mobile, attackers can intercept the SMS text, thereby resetting the account’s password.

The victim keeps online in 4G network unaware of the attack.

A lot of internet application accounts use verification SMS to reset the login password, which means an attacker can use a phone number to start password reset procedure then hijack the verification SMS.