Global mobile security vulnerabilities“for the benefit of the”hack-vulnerability warning-the black bar safety net

ID MYHACK58:62201457138
Type myhack58
Reporter 佚名
Modified 2014-12-21T00:00:00


German researchers said that global mobile phone operators the use of a system security vulnerabilities allow hackers to large-scale monitoring of mobile phone users traffic as possible.

This security issue relates to the distribution standard system Signaling System 7, or SS7 in. The system is mobile phone operators to manage mobile network connections. In this year 8 months to discover this security and the Berlin security research labs said that knowledgeable people can use this security vulnerability to interception or monitoring billions of phone calls, text messages and data traffic.

“Such a monitoring function for any state and criminals, it has an invaluable role. If we are the first to discover the flaw, then we will feel very shocked.” Researchers Karsten-Knoll(Karsten Nohl on Friday said.

Noel said, the beginning of the month, they have quietly informed the phone company of this security vulnerability. The United States the Washington Post and Germany's Sueddeutsche Zeitung under the Sueddeutsche Zeitung on Thursday of this were reported.

There are at least two German mobile phone company T-Mobile and Vodafone Deutschland, said they have taken appropriate measures to prevent criminals and spies use this vulnerability to monitor a mobile phone users.

Global system for mobile communications Association GSMA also said that it has been informed of this security breach, and expect next week in Hamburg, Germany, held a computer security conference on a learn more about this security vulnerability details.

The GSMA, a spokesman said, the security vulnerability affects 2G and 3G networks, but still not on the latest 4G network pose a threat.

“The GSMA informed of the results of these studies will help us conduct a preliminary analysis, thinking about its potential impact, as well as to our Association members, including mobile network operators and infrastructure providers, to provide the corresponding recommendations to minimize its risk.” Claire-Scranton(Claire Cranton)the U.S. The Associated Press said.

Noel noted that mobile phone operators can easily shut down this security loophole, they just need to stop the other company through the SS7 system to submit certain network requests can be. The SS7 system is a follows the 3 0 year old system.

[1] [2] next