Researchers from University in Bochum, Germany has found a method to eavesdrop on the 4G calls made between two people, who are talking on the same cell tower. This attack is named ReVoLTE and revealed that several mobile operators across the world are vulnerable to this attack. A fix for this was deployed after working with the GSM Arena.
A New Way to Snoop on Others!
LTE is the current widespread standard we all are using now. The VoLTE is a part of the whole LTE network and transmits users phone calls encrypted over the network by default. The standard procedure of this process needs the mobile operators using different encryption key for every call made over the network.
But, the researchers here have found that about 80% of the German mobile operators were using the same encryption key for all 4G calls made between users, who’re on the same mobile cell tower (base station). Researchers say to pull this attack off, it would cost equipment worth $7,000 but is easy to decipher secret conversations.
They have demonstrated this in the above video that, the attacker has to call any one of the targets and talk for a certain time. The more time they talk, the better, as they can capture much of the other call. Upon recording the call, the attacker then needs to compare both the calls to checkout for the encryption key, which would be same for both the calls if the targets are on the same base station.
They can then easily decrypt the previous call, which the target has spoken. Researchers have reported this to GSM Arena and came up with a fix. While many German mobile operators have patched this, others across the world are still vulnerable to this. Thus, the researchers have also released an app for mobile operators to check if they’re vulnerable to this ReVoLTE attack.
Other Trending News:- News