Experts warn that attackers could abuse 5G basebands to send fake messages to your contacts or even provide your login details via a website that looks very real.
During the Black Hat cybersecurity conference, a research group from Pennsylvania State University presented their vulnerability detection tool 5GBaseChecker.
5G basebands are used to connect phones to mobile networks, but they can also be abused to connect them to fake network towers controlled by an attacker.
“Completely silent” attack
The research team, consisting of Kai Tu, Yilu Dong, Abdullah Al Ishtiaq, Syed Md Mukit Rashid, Weixuan Wang, Tianwei Wu, and Syed Rafiul Hussain, made their tool available to search for vulnerable basebands from Samsung, MediaTek, and Qualcomm, which are used by a number of popular phone manufacturers including Google, Motorola, and Samsung.
Tu mentioned that one possible attack path from the fake base station would be a situation where an attacker could send a message that looks very real from a friend to the victim’s phone. This would allow convincing phishing messages to come from a supposedly trustworthy source.
Tu states that once the phone connected to the fake base station, “the security of 5G was completely broken. The attack is completely silent.”
Another possible attack method using a fake base station could be to redirect the target phone to a fake, but very realistic looking website such as a social media site or email login, and then steal the credentials used to log in. To make the attack even more exciting, the base station could also be used to downgrade the target phone to 4G, making it easier to snoop on the device.
So far, most of the vulnerabilities discovered in the basebands have been patched by the manufacturers. Spokespeople for both Samsung and Google have said that TechCrunch that the errors in their devices had now been fixed.