4G and 5G Cell Phones Vulnerable to Getting “Torpedoed”


Share on facebook
Share on google
Share on twitter
Share on linkedin

According to The Hacker News, there are new cyber threats on the attack, the most insidious, being a torpedo hit. “Torpedo” stands for “TRacking via Paging mEssage DistributiOn.”  

Spammers have figured out a way to tap into a 4G or 5G LTE phone that is currently in idle mode.  Prior to receiving a call or text message, your phone is paged by the cellular network to let the phone know that a message is arriving. 

The paging system uses an ID mechanism, TMSI (Temporary Mobile Subscriber Identity) that identifies the recipient and is a fixed value.  

An attacker who is monitoring transmissions can “sniff” out a recipient by latching on to the TMSI. The victim is then vulnerable to receiving false text messages and denial-of-service attacks. In addition, researchers found that, “If the attacker is aware of the victim’s often-visited locations, then the attacker can set up sniffers on those locations to create the victim’s cell-level mobility profile.”  A savvy attacker can even take over an entire paging channel by tracking back repeated contacts from the compromised phone.

Similar to a TMSI tag, an IMSI (International Mobile Subscriber Identity) is a unique identity code.  The victim of a PIERCER (Persistent Information ExposuRe by the CorE netwoRk) attack could have their phone number hijacked by a third party whose phone number piggybacks on the victim’s IMSI.

February 28, 2019

Reader Interactions

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.