Skip to main content

Hackers can hijack data over LTE using 'aLTEr' attack

posted onJuly 5, 2018
by l33tdawg

Hackers could hijack your browsing session and snoop on the websites you visit over an LTE connection using an attack called aLTEr.

According to university researchers, the attack technique abuses a second layer of LTE connectivity called the data link layer, normally designed to protect data going across LTE with encryption, as well as organising how resources are accessed on the network and correcting transmission errors. But aLTEr has been designed to redirect network requests and hijack browsing sessions, as well as redirect network requests, through DNS spoofing.

"The aLTEr attack exploits the fact that LTE user data is encrypted in counter mode (AES-CTR) but not integrity protected, which allows us to modify the message payload: the encryption algorithm is malleable, and an adversary can modify a ciphertext into another ciphertext which later decrypts to a related plaintext," explained David Rupprecht, Katharina Kohls, Thorsten Holz, and Christina Pöpper, from Ruhr-Universität Bochum and New York University Abu Dhabi.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th