Researchers find 36 new security flaws in LTE protocol

4G LTE antenna

A group of academics from South Korea have identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world.

The vulnerabilities allow attackers to disrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed SMS messages, and eavesdrop and manipulate user data traffic.

They were discovered by a four-person research team from the Korea Advanced Institute of Science and Technology Constitution (KAIST), and documented in a research paper they intend to present at the IEEE Symposium on Security and Privacy in late May 2019.

Vulnerabilities found using fuzzing

The research team’s discoveries aren’t exactly new. Several academic groups have identified similar vulnerabilities in LTE over the past years on numerous occasions –July 2018, June 2018, March 2018, June 2017, July 2016, October 2015 (paper authored by another KAIST team).

These vulnerabilities have been the driving force behind efforts to create the new and improved 5G standard –which, unfortunately, isn’t that secure either, with some researchers already poking holes in it as well.

But what stands out from previous work is the sheer number of vulnerabilities the KAIST team discovered, and the way they did it.

The Korean researchers said they found 51 LTE vulnerabilities, of which 36 are new, and 15 have been first identified by other research groups in the past.

They discovered this sheer number of flaws by using a technique known as fuzzing –a code testing method that inputs a large quantity of random data into an application and analyzes the output for abnormalities, which, in turn, give developers a hint about the presence of possible bugs.

Fuzzing has been used for years, but mainly with desktop and server software, and very rarely for everything else.

KAIST built its own LTE fuzzer

According to the KAIST paper, seen by ZDNet prior to the IEEE presentation, researchers built a semi-automated testing tool named LTEFuzz, which they used to craft malicious connections to a mobile network, and then analyze the network’s response.

The resulting vulnerabilities, see image below or this Google Docs sheet, were located in both the design and implementation of the LTE standard among the different carriers and device vendors.

LTEFuzz results

LTEFuzz results

Image: Kim et al.

The KAIST team said it notified both the 3GPP (industry body behind LTE standard) and the GSMA (industry body that represents mobile operators), but also the corresponding baseband chipset vendors and network equipment vendors on whose hardware they performed the LTEFuzz tests.

Because the flaws reside in both the protocol itself and how some vendors have implemented LTE in their devices, researchers believe many other flaws still exist in the real world.

Furthermore, their fuzz testing procedures worked with LTE connections in their initial states, before any exchange of cryptographic keys, meaning more security flaws may be waiting to be discovered in future tests, which researchers said they plan to undertake.

Additional details can be found in the KAIST team’s paper, entitled “Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane.”

More vulnerability reports:

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews

Crypto Scams

Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
April 23, 2022
Prove
Joon Pak Head of Crypto at Prove talks to Us about Crypto Fraud And More
April 11, 2022
Mintable
Mintable CEO Zach Burks Talks to Us about the Opensea Stolen NFTs and Their Recovery
March 21, 2022
Crypto Crime
Crypto Crime Surges To Record Highs As Thieves Follow Market Buzz – Chainalysis 2022 Report
February 24, 2022
Bots Circumvent 2FA Login At Coinbase And Other Crypto Exchanges In 2022
Bots Have Circumvented 2FA Logins At Coinbase And Other Crypto Exchanges In 2022
February 17, 2022

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

Russia
Roundtable Interview-What is the Effect of The Russia-Ukraine War on Cryptocurrency Prices?
March 4, 2022
GamStop
How Does Bitcoin Casino Work + 2021 Beginner’s Guide
November 8, 2021
Cryptocurrency
How to Buy and Sell Cryptocurrency
November 8, 2021
What Are Bitcoin Futures And How Will They Work In 2022?
November 4, 2021
Ethereum
The Unconventional Guide to Ethereum
October 28, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin29,978 0.37 % 2.06 % 1.72 %
Ethereum1,995.8 0.42 % 0.62 % 4.74 %
Tether1.001 0.10 % 0.01 % 0.00 %
BNB332.44 0.18 % 1.30 % 8.45 %
USD Coin0.9989 0.16 % 0.08 % 0.04 %
XRP0.4095 0.16 % 0.26 % 6.76 %
Binance USD0.9988 0.06 % 0.17 % 0.27 %
Cardano0.9566 0.22 % 0.68 % 6.96 %
Solana49.39 0.64 % 0.75 % 13.98 %
Polkadot10.08 1.21 % 1.11 % 8.77 %

bitcoin
Bitcoin (BTC) $ 30,081.00
ethereum
Ethereum (ETH) $ 2,007.06
tether
Tether (USDT) $ 0.999633
bnb
BNB (BNB) $ 334.40
usd-coin
USD Coin (USDC) $ 1.00
xrp
XRP (XRP) $ 0.411075
binance-usd
Binance USD (BUSD) $ 1.00
cardano
Cardano (ADA) $ 0.526941
solana
Solana (SOL) $ 49.79
polkadot
Polkadot (DOT) $ 10.21