A group of researchers has uncovered ten new attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals.
The attacks exploit design flaws in the communications protocol and unsafe practices employed by the stakeholders and can be used to achieve things like impersonating existing users, spoofing the location of the victim device, delivering fake emergency and warning messages, eavesdropping on SMS communications, and more.
Among the uncovered attacks they consider one particularly worrying: an authentication relay attack that allows an adversary to impersonate an existing user (mobile phone) without possessing any legitimate credentials.
“Through this attack the adversary can poison the location of the victim device in the core networks, thus allowing setting up a false alibi or planting fake evidence during a criminal investigation,” they pointed out. more