Due to the sophistication in the methods employed by cybercriminals, cybersecurity researchers are not only limited to developing new measures and solutions for the protection of technology users, but must also prepare for discover potential security threats, helping companies fight these attacks long before they even happen.
Recently, researchers at Bochum University in Germany posed an attack that would allow a threat actor to pose as a mobile device on 4G and 5G networks. Known as “IMP4GT”, this attack is a kind of Man-in-the-Middle (MiTM) with which a hacker could infiltrate as the medium link between the base station and the device (a smartphone), posing as the device interacting with the base and vice versa.
This attack variant focuses on LTE networks, exploiting a vulnerability present in the way mobile devices connected to these networks communicate and authenticate. To do this, the team of specialists had to find a way to impersonate the mobile device, giving them access to multiple attack vectors.
It should be noted that, even if the threat actor manages to find a middle ground between the target user and the mobile network, it would be impossible to take full control over the compromised device, so malicious activities such as access to accounts, apps and others, are not feasible using this attack variant.
David Rupprecht, responsible for this investigation, says that “while it is possible to extract some data using this attack, most of the information presented in this way is irrelevant, so this scenario does not pose a significant risk to users, at least for now.
Another obstacle for threat actors interested in exploiting this flaw is the difficulty in completing the attack, even targeting 4G network deployments. In addition, the hardware and software needed to trigger this scenario is highly specialized and sophisticated, not to mention that attackers must remain in a location too close to the target.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.