.jpg) |
Two Russian security researchers have discovered
that majority of 3G and 4G USB modems provided by mobile operators to their
subscribers are wide open to attacks. The researchers tested many 3G and 4G
sticks obtained from Russian telcos over the past few months and found out that
they pose a serious security threat. The USB modems in question were mostly
produced by Chinese hardware manufacturers Huawei and ZTE, which are sold not
only in Russia, but all over the world with various mobile operators’ stickers
on top.
However, the researchers Nikita Tarakanov and Oleg Kupreev had no possibility
to test baseband attacks against Qualcomm chips used in the modems. The matter
is that under Russian laws you cannot own a GSM base station unless you are an
intelligence agency or a telecom operator. This is quite surprising, because
almost all Russian oligarchs, politicians and crime bosses have a KGB
background.
Due to this limitation, there’s still a lot of research to be done, but the
experts have already managed to show many ways to attack the modems through
software vulnerabilities. Many modems are identical, and their software is
therefore very similar. This is why one can make an image of the modem’s file
system, alter it and save it back on the modem.
One of the researchers pointed out that it appeared surprisingly easy to modify
the software with the help of free instruments available from Huawei and other
developers. Malware has no problem to detect the type of modem used and crack
it with malicious customizations of the code. Since the configuration files
stored on the modem are in plain text, they can be easily modified, thus
allowing the attackers to reroute traffic to their servers and redefine DNS
servers used for broadband connection. The intruders can also tinker with
custom configuration drives to force modems install malware instead of an
antivirus program.
Finally, most modems are set to automatically update software from a single server, but the intruders could potentially compromise the update server and take over heaps of modems handed out by multiple carriers. In the meanwhile, the researchers admitted they didn’t even look for the flaws in the actual modem drivers installed in the operating system, though they were quite confident that they also have vulnerabilities.
Be in touch.....
0 comments:
Post a Comment