Posted on July 3, 2018 at 5:15 PM
A new report issued by researchers from New York University Abu Dhabi and Ruhr-Universitat Bochum, a hacking attack by the name of aLTEr can be used for hijacking browsing sessions and spy on which websites do internet users visit.
How does aLTEr work?
The report issued by the two universities, the New York University Abu Dhabi and Ruhr-Universitat Bochum, claims that the attack is possible due to abuse of LTE connectivity’s second layer. This is the layer known as data link layer, and it usually serves to encrypt and protect data that is passing through LTE. Additionally, the layer’s design also allows it to correct various possible errors regarding the transmissions, as well as to organize the resources that the users access while on the network.
This is the part that aLTEr takes advantage of. The report says that alter can redirect network requests, and in turn, hijack the users’ browsing sessions. The report explains this in detail, saying that the data going through LTE is encrypted, but not integrity protected. This is what allows modification of the message payload. Basically, the encryption algorithm’s ciphertext can be modified and even completely changed by another, which allows later decryption to plaintext.
Researchers claim that the attack creates a special malicious cell tower that is then posted between a real cell tower an the victim of the attack. The fake tower then tries to trick the real tower by pretending to be the victim, in addition to trying to trick the victim that it is the real cell tower.
After establishing a connection, the fake tower works as a middle-man in passing the requests from the victim to the real tower. While doing this, it modifies the data points. Then, it gains the ability to modify and spoof the DNS server requests, which basically allows the attacker to send malicious websites to the victim, without them realizing it. When the victim accesses one of these malicious websites, they would enter their login credentials, which the hackers would then steal and use for their own purposes.
The attack is expensive and needs special conditions to work
Researchers estimate that the hackers would need a lot of expensive equipment to pull this kind of attack off. Additionally, they would need to be pretty close to the malicious relay in order for everything to go smoothly. Because of such requirements, it is pretty debatable whether trying such an attack can even pay off.
Not only that, but those who use a secure version of HTTP, HTTPS, can easily avoid becoming victims. Of course, there are still many websites that have yet to include HTTPS protocol, even though Google is trying its best to make them adopt the more secure standard.
Researchers have stated that the attack requires a $4,000 worth of equipment, as well as a controlled environment. However, with a lot of effort, they believe that it can be done ‘in the wild’ a well.
Now that the flaw was discovered, patching it up would be easy, were it not for the fact that the inclusion of such a patch would require a complete overhaul of the entire LTE network protocol. Still, so far, aLTEr is believed to only be possible within a research lab, but it still points out that LTE is not as safe as previously believed.