4G and 5G Cell Phones Vulnerable to Getting “Torpedoed”

SHARE THIS ARTICLE

According to The Hacker News, there are new cyber threats on the attack, the most insidious, being a torpedo hit. “Torpedo” stands for “TRacking via Paging mEssage DistributiOn.”  

Spammers have figured out a way to tap into a 4G or 5G LTE phone that is currently in idle mode.  Prior to receiving a call or text message, your phone is paged by the cellular network to let the phone know that a message is arriving. 

The paging system uses an ID mechanism, TMSI (Temporary Mobile Subscriber Identity) that identifies the recipient and is a fixed value.  

An attacker who is monitoring transmissions can “sniff” out a recipient by latching on to the TMSI. The victim is then vulnerable to receiving false text messages and denial-of-service attacks. In addition, researchers found that, “If the attacker is aware of the victim’s often-visited locations, then the attacker can set up sniffers on those locations to create the victim’s cell-level mobility profile.”  A savvy attacker can even take over an entire paging channel by tracking back repeated contacts from the compromised phone.

Similar to a TMSI tag, an IMSI (International Mobile Subscriber Identity) is a unique identity code.  The victim of a PIERCER (Persistent Information ExposuRe by the CorE netwoRk) attack could have their phone number hijacked by a third party whose phone number piggybacks on the victim’s IMSI.

February 28, 2019

Reader Interactions

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.