Flaws in Mobile Networks Let Attackers to Launch DoS and MitM Attacks

Security researchers have detected a vulnerability in a handover that is generally attacking modern cellular networks. 

This vulnerability could be exploited by the threat actors with the motive to launch denial-of-service (DoS), and man-in-the-middle (MitM) attacks just by using low-cost equipment.


Handover is a process in telecommunications, and in this process, the phone call or a data session is transmitted from one cell site to another cell tower, outwardly losing connectivity during the message.

However, this vulnerability is attacking different handovers, and all the cases are based on unverified measurement information and signal strength thresholds.


After knowing about the vulnerabilities, the security experts started their approach in a sequential, that is to starting pre-handover, concluding with post-handover weaknesses. 

However, during that time some vulnerabilities have been noted that we have mentioned below:-

  • Insecure Broadcast Messages
  • Unverified Measurement Reports
  • Missing Cross-Validation in Preparation Phase
  • RACH Initiation without Verification
  • Missing Recovery Mechanisms
  • The difficulty of Distinguishing Network Failures from Attacks

Attack Steps

Moreover, the threat actors noted some other points, and they have used different steps while attacking; that’s why we have mentioned the attack steps below:-

  • Initial Reconnaissance
  • Determining the Network Structure
  • Selecting the Target
  • Configuring the False Base Station
  • Handover Exploitation

Fake base stations used to attract devices

In the first phase, the threat actor makes use of a smartphone with the motive to collect data that are present nearly to the legitimate stations.

According to the report, Once the data are collected, then the threat actors configure a rogue base station that imitates a genuine cell station. However, in this attack, the victim is forced to connect their device to the false station broadcasting master information block (MIB). 

After that, the system information block (SIB) messages help to connect the system to the higher base station. Behind all these methods, the main motive of the threat actors is to trigger a handover event and to exploit security flaws in the procedure to result in:- 

  • DoS attacks
  • MitM attacks

However, the experts are able to verify the DoS attacks and the MitM attacks, and they expressed that in this vulnerability, information leakage is possible by using both open sources and closed source software.

So, the users need to be stay altered from this kind of attack, as it can have a lot of impact on the victims.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.