Printed from http://www.electronista.com

Dozens of carriers vulnerable to smartphone security exploit

updated 03:46 pm EDT, Mon May 21, 2012

Carrier security feature opens door to phishing

Smartphone users on at least 48 cellular carriers may be vulnerable to traffic hijacking and phishing attacks, according to researchers from the University of Michigan. A paper to be presented this week at the IEEE Symposium on Security and Privacy alleges that researchers were able exploit a carrier security feature to hijack connections to Facebook, Twitter, Windows Live Messenger, and the AdMob advertising network, and to spoof traffic for banks and financial institutions.

The researchers' exploit relies on a firewall on the carrier network that tracks sequence numbers for Internet connections. TCP sequence numbers are intended to allow computers to correctly reassemble data that was transmitted or received out of its proper order. By inferring TCP sequence numbers of data packets, hackers could conceivably tamper with users' Internet connections, directing them to sites other than those they intended to visit.

The exploit was tested on Android-powered HTC, Samsung, and Motorola smartphones connected to various networks across the globe. The researchers were able to redirect the phones from their intended Internet destinations, effectively bypassing security features built into both apps and smartphone operating systems. The attack could be used to send fraudulent messages on social networks, direct users to phishing sites, and even send out erroneous stock information to users' handsets.

Although the research paper does not include a full list of carriers that utilize the allegedly vulnerable technology, Ars Technica claims to have identified AT&T as one of the US carriers. An AT&T representative argued that the company cannot draw a conclusion from the report, but said that they are looking into it.

The researchers have released an app (free, Google Play Store) allowing users to find out if their network and device are vulnerable to the exploit. Electronista ran several tests from a Droid Charge on Verizon's 3G and 4G networks, however the app found no evidence of the exploitable "firewall middlebox" described in the report.



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Sponsor

toggle

Most Commented

 
toggle

Popular News