Unsuspecting phone users at risk: A cunning cyber-assault can covertly demote devices from 5G to 4G connectivity
In a significant development for wireless security, researchers at the Singapore University of Technology and Design (SUTD) have demonstrated a method that allows 5G phones to be tricked into falling back to 4G networks without the need for a fake base station. The findings were first reported in late 2023.
The vulnerabilities, collectively named 5Ghoul, were uncovered in 5G modem firmware from major chipmakers, including MediaTek and Qualcomm. The issue has been assigned the identifier CVD-2024-0096 by the Global System for Mobile Communications Association (GSMA).
The toolkit used by the researchers, SNI5GECT (Sniffing 5G Inject), targets the pre-authentication phase of communication between phone and tower, where messages are still sent unencrypted. This allows the toolkit to capture identifiers sent from the tower and use them to read and modify messages exchanged during this phase.
The toolkit has been tested on flagship models from Samsung, Google, Huawei, and OnePlus, with success rates between 70% and 90% when attempted from around twenty meters away. The tests also showed that both uplink and downlink traffic could be intercepted with notable accuracy. With such access, an attacker can force a modem crash, fingerprint the device, or trigger a switch from 5G to 4G.
The forced downgrade from 5G to 4G leaves the target open to older tracking or location attacks, as 4G carries long-known flaws. This raises questions about the resilience of current networks and the potential risks associated with these vulnerabilities.
However, it's important to note that the toolkit is not meant for criminal use but for further research into wireless security. No confirmed real-world abuse has been reported so far, but the method is public and the software is open source, so the risk remains that skilled actors could adapt it.
While users have few direct options to block such low-level exploits, running updated antivirus software, securing credentials with a password manager, and enabling an authenticator app for accounts can reduce the impact of secondary attacks that might follow from a network downgrade.
Via The Hacker News.