Your iPhone Can Be Hijacked
AT&T’s cellular network is vulnerable to malicious hackers. Due to vulnerabilities hackers can ultimately hijack your data, along with 47 other cell phone carriers.
Some researchers from the University of Michigan have discovered that hackers can also intercept information such as calls, text messages, and cellular data.
The vulnerability affects all AT&T smartphones, tablets, and computers using cellular connect cards, including Android devices and the iPhone. The vulnerability is a problem because once the data is intercepted, a malicious hacker can inject malicious data into the traffic that would pass between devices and ultimately leaves the user unknowingly affected.
This kind of hijacking gives the malicious hacker the ability to redirect phone users to duplicitous Web sites, which attempt to mimic those of legitimate ones to steal user login credentials and scam people out of their money.
Ars Tecnhica has reported that the vulnerability is caused by a firewall system that AT&T (and other carriers) implemented to attempt to keep hackers out of the cellular data. With that being said, the security measure ironically turns out to be the cellular carrier’s Achilles’ heel:
Originally Posted by Ars Technica
“The TCP sequence number inference attack opens up a whole new set of attack venues,” the researchers from the University of Michigan’s Computer Science and Engineering Department wrote in a research paper scheduled to be presented at this week’s IEEE Symposium on Security and Privacy. “It breaks the common assumption that communication is relatively safe on encrypted/protected WiFi or cellular networks that encrypt the wireless traffic. In fact, since our attack does not rely on sniffing traffic, it works regardless of the access technology as long as no application-layer protection is enabled.”
Since the attack is performed by intercepting data, the information the user sends out never actually reaches the server it is supposed to. In fact, in the instance of being hijacked, the information the user sends out goes right to the hacker and is then sent back to the user with the hacker’s malicious spice mixed into the data. For example, a user trying to send information to a banking server would, in reality, be sending information to the hacker and receiving non-legitimate feedback. The cellular firewall system acts as a go-between for the user and the hacker.
The hijacking vulnerability is just another reason for users to not should not rely on an open, public network to do their banking, personal Facebooking, and other things that can cause detrimental damage to them. Cellular networks are as public as unsecured Wi-Fi networks. Banking and Facebooking should be saved for your personal computer on wired or secured Wi-Fi networks such as that in your home as this will be a way of guarding yourself from this cellular hijacking.