A newly-discovered vulnerability affecting at least 48 mobile operators worldwide leaves their smartphone users vulnerable to internet attack traffic, security researchers have warned.
Ars Technica
reported
Some firewall boxes allow hackers to infer this sequence, and this allows cellular internet connections to be hijacked and intercepted, according to researchers from the University of Michigan in the USA.
These researchers were able to hijack Android devices connected to a major mobile operator, including unencrypted connections to services including Facebook and Twitter. They were also able to spoof traffic from the web services - including banking services.
While the exploit was tested on Android, the researchers state that there's no reason it wouldn't work on other devices including iPhones.
TCP sequence numbers were able to be inferred for the firewalls used by 48 of 150 mobile operators tested worldwide. The firewalls were manufactured by major vendors including Cisco, Juniper and Check Point.
The exploit works because the firewall systems are designed to keep track of the sequence numbers, and drop data packets that contain invalid numbers, the researchers have revealed.