LTE Network Protocol exists flaw that hacker can be hijacked remotely
The Long Term Evolution (LTE) mobile device standard is currently used by millions of users worldwide, all of which are repairing the significant security shortcomings of Global System for Mobile Communications (GSM). Two of these changes are the two-way interactive authentication between the base station and the end user, and the use of an encryption scheme that has undergone post-graduation. However, security developers have recently found deficiencies in the LTE network, allowing attackers to send malicious sites to users near the base station and to understand the site history users visit.
This is due to the vulnerability of the LTE standard itself, and the systematic attack is effective. The most critical shortcoming of LTE is that the form of encryption does not protect the integrity of the data. Lack of data authentication allows an attacker to manipulate the IP address in an encrypted packet secretly.
The attack technology is called aLTEr, and security researchers can already let terminal phones access malicious DNS servers, and even redirect users to malicious servers that pretend to be HotMail. Also, two vulnerabilities cover the way LTE maps users and can steal sensitive information when the end user and the base station exchange data.
In a paper published on Thursday, security researchers said that as long as about $4,000 equipment is available, they can attack end-users with a target range of approximately one mile. Because these vulnerabilities are design flaws in the development process of the LTE specification, it is currently impossible to repair them. For end users, they can only access the HTTPS website and DNS Security Extensions to ensure security.