If you use 4G VoLTE telephony, there is bad news for you. According to researchers at the French company P1 Security, there are serious loopholes and flaws in VoLTE that could be exploited by cyber-attackers and may lead to large-scale data theft. The researchers say there are "active" vulnerabilities, which require modifying special SIP packets, as well as "passive" vulnerabilities, which may expose data through passive network monitoring and do not require SIP packet modification. Some of the vulnerabilities they found are listed below:
User Account Access using SIP INVITE message: Whenever a phone call is initiated over VoLTE, SIP INVITE messages are exchanged between the caller and the callee. Attackers on the same network can send a modified SIP INVITE message in order to get the list of all the users in the network.
Free Data Channel: A VoLTE customer can exchange data in VoLTE networks without initiating the CDR module. This means that the exchanged data is not billed. So, attackers can use SIP and SDP (Session Description Protocol) messages for unmonitored data flow in the VoLTE network. This gives cyber-criminals a possible way to create secret data communication channels.
SIP INVITE message spoof User Identity: The header of a SIP INVITE message can be modified by crooks, who can then place calls using another MSISDN. This is a concern because attackers may access other people's voicemail and bypass legal surveillance by placing calls from another number. Imagine how dangerous it could be if tech support scammers used this technique to spoof the phone numbers of genuine companies and contacted their customers to get sensitive information, including credit card details, passwords, etc.
VoLTE equipment Fingerprinting: Attackers can fingerprint the network equipment of any targeted operator with the help of the VoLTE traffic that reaches the phone. So, crooks can carry out attacks against the mobile operator.
Possibility of victim's IMEI leakage: According to the research, in the VoLTE traffic of the smartphone that initiates the call, intermediary messages exchanged before the connection is established reveal the callee's IMEI number. So, there is an overall threat of personal information leakage.
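As an added example (not from the original article or from P1 Security's research), here is one defensive check against the identity spoofing described under "SIP INVITE message spoof User Identity": an edge proxy compares the calling identity claimed in an INVITE with the MSISDN bound to the sender at registration. The binding table, the choice of headers, the function names and the sample messages are assumptions constructed for illustration.

```python
import re

# Constructed binding table (assumption: the edge proxy keeps, per device IP,
# the MSISDN authenticated at registration, in the same E.164 form as the URIs).
REGISTERED = {"10.20.0.5": "+33600000001", "10.20.0.9": "+33600000002"}

# Headers in which a client can claim a calling identity; "f" is compact From.
IDENTITY_HEADERS = ("from", "f", "p-preferred-identity", "p-asserted-identity")
URI_USER = re.compile(r"(?:sip|tel):(\+?\d+)", re.I)

def parse_headers(raw):
    """Return (method, {lowercased header name: [values]}) for one SIP request."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    head = re.sub(r"\n[ \t]+", " ", head)  # unfold continuation lines
    lines = head.split("\n")
    method = lines[0].split(" ", 1)[0].upper()
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return method, headers

def check_invite(src_ip, raw):
    """List mismatches between identities claimed in an INVITE and the registration."""
    method, headers = parse_headers(raw)
    if method != "INVITE":
        return []
    expected = REGISTERED.get(src_ip)
    if expected is None:
        return ["INVITE from unregistered source " + src_ip]
    findings = []
    for name in IDENTITY_HEADERS:
        for value in headers.get(name, []):
            m = URI_USER.search(value)
            claimed = m.group(1) if m else None
            if claimed != expected:
                findings.append(f"{name}: claims {claimed}, registered {expected}")
    return findings

# Constructed sample messages (not captured traffic).
GOOD = ("INVITE sip:+33600000002@ims.example.net SIP/2.0\r\n"
        "From: <sip:+33600000001@ims.example.net>;tag=a1\r\n"
        "P-Preferred-Identity: <sip:+33600000001@ims.example.net>\r\n\r\n")
SPOOFED = GOOD.replace("From: <sip:+33600000001", "From: <sip:+33600000099")

if __name__ == "__main__":
    print(check_invite("10.20.0.5", GOOD))
    print(check_invite("10.20.0.5", SPOOFED))
```

A non-empty result is a reason to reject the request or to overwrite the claimed identity with the registered one before the call is routed onward.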