Beware! if you are using mobile services running on 4G, also known as LTE network. As hackers can hijack your data over LTE using aLTEr Attack.
Hackers can hijack your data over LTE using aLTEr attack
A team of University researchers found a critical vulnerability in today’s mostly used LTE network. This vulnerability could allow an attacker to modify the contents of user’s communication, spy on user’s cellular network and even can re-route user to a malicious website.
LTE is the latest mobile standard for high-speed wireless communication used by billions of people around the globe.
What is 4G LTE vulnerability
Security Researchers at New York University Abu Dhabi and Ruhr-Universität Bochum have developed three attacks against LTE that allows them to trace user’s identity, visited websites and redirect them to the malicious website by tempering with DNS lookups. Researchers explained all of the three attacks on this website.
Out of the three identity mapping and website fingerprinting developed by researchers are passive attacks, in which the attacker listen to the data passing between the base station and end user over the airwaves from the target phone.
The third DNS Spoofing attack named aLTEr by the team is an active attack. aLTEr allows an attacker to perform the Man-in-the-Middle attack to intercept the communication and redirect the victim to a malicious website.
How aLTEr attack works?
In the above demonstration, the researchers showed how an attacker could redirect DNS requests and perform a DNS spoofing attack. This caused the victim device to use malicious DNS server that redirects the victim to a malicious website.
They set up DNS server and HTTP server to simulate how an attacker can redirect network connections and steal credentials.
aLTEr attack is dangerous but difficult to perform. This attack could not be used by everyone as this requires the pieces of equipment worth ~$4,000. However, for an intelligence agency and skilled hacker, using this attack is not so difficult.
How to protect yourself from this attack?
The most common and simplest way to protect yourself from this attack is to always look out for the HTTPS domain in your address bar.
The team suggested two countermeasures for all LTE carriers:
1. Update the Specification
All LTE carrier may band together to fix this vulnerability by updating the specification to use an encryption protocol with authentication AES-GCM or ChaCha20-Poly1305.
2. Correct HTTPS Configuration
Another solution to DNS spoofing attack is possible when all website uses HTTP or HSTS policy and users are also aware of this. This would work as an additional layer of protection.
- What is Peer to Peer network? and Why Torrent is Illegal?
- How to check a website is safe or not?
- Instagram Exploit Being Sold to Hack Instagram Account
- Unknown iPhone Facts You Should Know About