Researchers have found a security hole in a system used by global cellphone carriers that can open the door for hackers to eavesdrop on private phone calls, text messages and data traffic on a large scale.
The security flaws discovered by the Berlin-based Security Research Labs could affect a telecommunications standard known as Signaling System 7, or SS7, which is used by cell phone carriers to manage connections between cellular networks.
The flaws include functions that are built into SS7 such as keeping calls connected as users speed down highways as well as switching between cell towers.
The German researchers said a skilled person could use the shortcomings for surveillance of mobile phone traffic.
“Given how valuable such spying capabilities are to states and other criminal actors, I would be very surprised if we are first to find these hacking vectors,” company researcher Karsten Nohl said Friday.
Nohl further said cellphone companies were quietly informed of the problematic issue earlier this month.
Two German mobile firms, T-Mobile and Vodafone Deutschland, have said they have adopted measures to prevent hackers and spies from exploiting the deficiency.
Nohl also said cell phone carriers could easily fix the issue by blocking certain network requests submitted over SS7 by other companies, adding, “We were really surprised that most of them don’t do that.”
The details of the problem are slated to be presented at a computer security conference in Hamburg, Germany, next week.
- 50,000 Antifa Plan to Violently Block AfD congress, Germany imposes No-Fly Zone
- Iraqi arrested in connection with Dortmund bus attack led ISIS unit
- Heinrich Himmler's letter to Palestinian Arab leader discovered
- Somali Asylum Seeker Kills Woman, Rapes 2 Disabled Elderly Men in Germany
- Libyan Human Smugglers Colluding with EU Charities