Security Flaws in 4G VoLTE
Research paper: “Subscribers remote geolocation and tracking using 4G VoLTE enabled Android phone,” by Patrick Ventuzelo, Olivier Le Moal, and Thomas Coudray.
Abstract: VoLTE (Voice over LTE) is a technology implemented by many operators over the world. Unlike previous 2G/3G technologies, VoLTE offers the possibility to use the end-to-end IP networks to handle voice communications. This technology uses VoIP (Voice over IP) standards over IMS (IP Multimedia Subsystem) networks. In this paper, we will first introduce the basics of VoLTE technology. We will then demonstrate how to use an Android phone to communicate with VoLTE networks and what normal VoLTE communications look like. Finally, we will describe different issues and implementations’ problems. We will present vulnerabilities, both passive and active, and attacks that can be done using VoLTE Android smartphones to attack subscribers and operators’ infrastructures. Some of these vulnerabilities are new and not previously disclosed: they may allow an attacker to silently retrieve private pieces of information on targeted subscribers, such as their geolocation.
Bob Dylan's Flaming Hair • June 13, 2017 8:59 AM
Not sure why the focus is on geolocation. All 4G LTE phoneshave GPS built in. Since 90% of consumers have that turned on there are more effective ways to get geolocation data–like offering users a free app so they give up their location voluntarily. In short, why would anyone spend all the time seeking out backdoors when they can stroll right in the front door and take all they want?