Security News > 2020 > August > ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls
Researchers have discovered an attack on the Voice over LTE mobile communications protocol that can break its encryption and allow attackers to listen in on phone calls.
Dubbed ReVoLTE, the attack - detailed by a group of academic researchers from Ruhr University Bochum and New York University Abu Dhabi - exploits an implementation flaw in the LTE cellular protocol that exists at the level of a mobile base station.
"Eventually, the keystream reuse allows an adversary to decrypt a recorded call with minimal resources," researchers David Rupprecht, Katharina Kohls, Thorsten Holz and Christina Pöpper wrote, in a paper detailing the attack.
The attack leverages the use of encryption at the mobile cell tower, by sniffing the encrypted radio traffic of a call someone makes within the cell of a base station that uses vulnerable encryption methods, researchers wrote.
The attacker can then compare the two calls and break the encryption, which allows them to recover the previous conversation between the victim and another person.
News URL
https://threatpost.com/revolte-attack-hackers-listen-mobile-calls/158325/
Related news
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Lazarus hackers breach six companies in watering hole attacks (source)