Researchers warn: Hackers can exploit 5G baseband flaws to spy on cell phone users
A recent discovery by researchers has raised serious concerns about cell phone security
Researchers revealed significant flaws in 5G basebands—processors that help cell phones connect to mobile networks.
The vulnerabilities, found in basebands made by Samsung, MediaTek and Qualcomm, could potentially allow hackers to spy on users without their knowledge.
A recent discovery by researchers from Pennsylvania State University has raised serious concerns about cell phone security. At the Black Hat cybersecurity conference in Las Vegas, they revealed significant flaws in 5G basebands—processors that help cell phones connect to mobile networks. These vulnerabilities, found in basebands made by Samsung, MediaTek and Qualcomm, could potentially allow hackers to spy on users without their knowledge.
The team of researchers, which includes Kai Tu, Yilu Dong, Abdullah Al Ishtiaq, Syed Md Mukit Rashid, Weixuan Wang, Tianwei Wu, and Syed Rafiul Hussain, introduced a tool called 5GBaseChecker. This custom-built tool helped them identify these security weaknesses in devices from Google, Oppo, OnePlus, Motorola, and Samsung, reports TechCrunch. They also released 5GBaseChecker on GitHub, so other researchers can use it to find similar flaws.
Also read: Mac and Windows users targeted: Hackers compromise ISP to deliver malware
According to the researchers, these vulnerabilities could be exploited by tricking phones into connecting to a fake cell phone tower. Once connected, hackers could launch attacks silently. This means that users might not even realise their devices are being compromised. For example, hackers could send convincing phishing messages pretending to be someone the user knows, or they could direct users to fake login pages for services like Gmail or Facebook to steal their credentials.
Another alarming finding was the ability to force a phone to switch from 5G to older, less secure network protocols like 4G. This downgrade makes it easier for hackers to eavesdrop on communications.
Also read: Data of 375 million Airtel India users allegedly put on sale on Dark Web, telco denies report
Fortunately, the researchers reported that most companies they contacted about these vulnerabilities have already patched the issues. Samsung and Google confirmed that they have addressed and fixed the problems in their devices.
This discovery highlights the ongoing need for vigilance in mobile security and reinforces the importance of keeping devices updated to protect against potential threats.
Also watch:
Ayushi Jain
Tech news writer by day, BGMI player by night. Combining my passion for tech and gaming to bring you the latest in both worlds. View Full Profile