DeepSec 2018 Talk: New Attack Vectors for the Mobile Core Networks – Dr. Silke Holtmanns / Isha Singh

Sanna/ September 19, 2018/ Conference

DeepSec has a long tradition of tackling the security of mobile networks and devices alike. The first DeepSec conference featured a presentation about the A5/1 crack. Later one we offered trainings covering mobile network security and weaknesses. So we are proud to announce Isha Singh’s and Silke Holtmanns’ talk about new attack vectors. Here is a brief summary: “Roaming or being called from abroad is being something we take for granted.”, says Silke Holtmanns. “Technically it implies that large networks communicate with each other across geographical and political boundaries. Those communication and the network behind is not well known and understood by most cellular users. This network, its background, security and usage will be explained. We will highlight the attack vectors for 2G, 3G and 4G networks and give an outlook on 5G. We

Read More

Subverting Femto Cells – Infrastructure at Risk

René Pfeiffer/ July 14, 2011/ Security

The past DeepSec conferences featured talks about mobile telecommunication networks. Security researchers had to turn mobile phones into base stations or create their own from hardware and software. Yesterday The Hacker’s Choice have published a security analysis of Vodafone’s Femto Cells. These cells are small routers used for boosting the 3G signal. They cost about 160£ and can be purchased through the Vodafone store. Reverse engineering turns these little routers into full-blown 3G/UMTC/WCDMA interception devices. You can catch IMSIs and retrieve the secret subscriber information by requesting it from the core network. By using this secret key material you can decrypt intercepted phone calls and data transmissions. The reverse engineering process even produced the root password of the device (it’s ceolyx, but you need to decrypt it; other blogs feature the full plaintext password). This

Read More