Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Cellphones Communications Encryption Network

4G and CDMA Reportedly Hacked At DEFCON 139

Posted by CmdrTaco from the hack-and-slash dept.
An anonymous reader writes "At the DEFCON 19 hacking conference it seems that a full man-in-the-middle (MITM) attack was successfully launched against all 4G and CDMA transmissions in and around the venue, the Rio Hotel in Las Vegas. This MITM attack enabled hackers to gain permanent kernel-level root access in some Android and PC devices using a rootkit, and non-persistent user space access in others. In both cases, whoever launched this attack on CDMA and 4G devices was able to steal data and monitor conversations. For now the only evidence that such an attack occurred is a Full Disclosure mailing list post, but in the next few hours and days, depending on the response from cellular carriers, we should know whether it's real or not."
This discussion has been archived. No new comments can be posted.

4G and CDMA Reportedly Hacked At DEFCON More

4G and CDMA Reportedly Hacked At DEFCON

Comments Filter:

  • Relation between MITM and rootkit (Score:4, Informative)

    by Bromskloss ( 750445 ) <auxiliary.addres ... l.com minus city> on Wednesday August 10, 2011 @10:30AM (#37043930)

    Achieving MITM status is a very different thing from installing a rootkit, in my mind. The summary left out how the two could be connected but the article mention something about it:

    Coderman’s report suggests that, like Wi-Fi MITM, which regularly harasses surfers at DEF CONs and other hacker conventions, the attackers were able to inject custom packets into the 4G and CDMA data stream. These forged packets allowed the attackers to create on-screen prompts that, if clicked, installed a rootkit on the PC or Android device.

    So, to install the rootkit, you also need to exploit a bug in the user. Where do I file the bug report?

  • Really surprised... not. (Score:5, Informative)

    by ewanm89 ( 1052822 ) on Wednesday August 10, 2011 @10:53AM (#37044158) Homepage
    This is DEFCON, it's like putting every army and mercenary group in the world in one room without disarming them first. There is a reason why the DEFCON wireless network is described as the most hostile network on earth, it's more hostile than the internet itself.

  • Re:Relation between MITM and rootkit (Score:3, Informative)

    by Anonymous Coward on Wednesday August 10, 2011 @11:32AM (#37044606)

    The injected rootkits were specific to different android builds and phones. On some no prompt was needed, on others if a prompt was accepted we saw the phones get completely destroyed by the rootkits or have the microphones turned on. The WiMax in particular discussion is not LTE, but it is likely that LTE was compromised as well because the hardware required to MiTM WiMax would be software defined radio systems which could just as easily be programmed for 4G as 4G LTE emulation. No upgrades or installs or prompts were required for rooting, it was a progressive system of attacks whereby low-hanging fruit was plucked first, and later the horrific 0days came out to play.

Slashdot Top Deals

The one day you'd sell your soul for something, souls are a glut.

Close