A new attack has been discovered by Chinese researchers, called ‘Ghost Telephonist’, which enables hackers to take control of a mobile phone, giving them access to all the messages and phone book content on the device.
On Sunday, a group of researchers from 360 Technology’s UnicornTeam discovered this hack at the ongoing hacker summit Black Hat USA 2017.
According to a report by Xinhua news agency, in the team’s presentation, the security researchers introduced a vulnerability in CSFB (Circuit Switched Fallback) in 4G LTE networks. The authentication step was found to be missing.
“Several exploitations can be made based on this vulnerability,” UnicornTeam wireless security researcher Huang Lin told Xinhua. “We have reported this vulnerability to the Global System for Mobile Communications Alliance (GSMA).”
The team demonstrated how a Google account password can be reset using a stolen mobile number.
After hijacking a user’s communication, a researcher signed in to the user’s Google Email and clicked “forget the password”. Since Google sends a verification code to the victim’s mobile, attackers can intercept the SMS text, thereby resetting the account’s password.
Since the password on several online services can be reset using a verification text sent to the phone number, this attack will allow hackers to take control of the online services associated with any phone number that they take over.
According to the researchers, the attacker can also initiate a call or an SMS by impersonating the victim. The victim will not notice the attack, since no fake 4G or 2G base station is used and no cell reselection takes place. These attacks can choose victims at random or target a given victim.
The researchers contacted the telecom providers with suggestions on how to tackle this vulnerability and are currently working with operators and terminal manufacturers to fix it.