The duo demonstrated the attacks on Samsungs Shannon line of baseband chips in front of a live audience.
The hack is done using a malicious OpenBTS base station which is located near target handsets.
Once the smartphones are in the range they will automatically hone in and connect to the bogus station.
Once connected, the malicious base station pushes firmware to the smartphones baseband processor.
Komarov says that the full impact of their research can only be known once a detailed study is done.
Our example of modifying the baseband to hijack calls is just an example, Komaromy toldVulture South.
The attack works on Samsung S6 Edge running up updated software.
I turned it on next to their radio and then dialled myself, said PacSec organiser Dragos Ruiu.
And instead of ringing on my phone it rang on theirs.
The researchers have notified their findings to Samsung.
Resource :Register
Read More
source: www.techworm.net
