Security News > 2020 > August > ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Researchers have discovered an attack on the Voice over LTE mobile communications protocol that can break its encryption and allow attackers to listen in on phone calls.
Dubbed ReVoLTE, the attack - detailed by a group of academic researchers from Ruhr University Bochum and New York University Abu Dhabi - exploits an implementation flaw in the LTE cellular protocol that exists at the level of a mobile base station.
"Eventually, the keystream reuse allows an adversary to decrypt a recorded call with minimal resources," researchers David Rupprecht, Katharina Kohls, Thorsten Holz and Christina Pöpper wrote, in a paper detailing the attack.
The attack leverages the use of encryption at the mobile cell tower, by sniffing the encrypted radio traffic of a call someone makes within the cell of a base station that uses vulnerable encryption methods, researchers wrote.
The attacker can then compare the two calls and break the encryption, which allows them to recover the previous conversation between the victim and another person.
News URL
https://threatpost.com/revolte-attack-hackers-listen-mobile-calls/158325/
Related news
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments (source)