Security researchers find a way to listen in on calls made from Samsung smartphones

Security researchers have been able to find a way to listen in on phone calls made through a Samsung smartphone by using a malicious base station, the full extent of this vulnerability is unclear but it does affect the company's recent high-end devices like the Galaxy S6 and the Galaxy S6 edge. It's classified as a “man-in-the-middle” attack, discovered by researchers Daniel Komaromy and Nico Golde, it involves setting up a malicious base station close to the target device which then automatically connects due to a vulnerability in Samsung's “Shannon” line of baseband chips.

Once the handset is connected the base station pushes firmware to its baseband processor, a chip that handles voice calls, and that firmware routes the calls through the malicious base station from where they are directed to a proxy that records calls and sends them to the attacker. All of this happens without the user ever knowing about it, they can continue to make and receive calls while they're recorded in the background as if the line had a wiretap on it. The researchers have not made the full details of this attack public for obvious reasons but they have disclosed it to Samsung which will hopefully have a fix ready in the near future.

Via

Adnan Farooqui - Executive Editor

[email protected]

First Samsung device: SGH-E900

Adnan Farooqui is a long-term writer at SamMobile. Based in Pakistan, his interests include technology, finance, Swiss watches and Formula 1. His tendency to write long posts betrays his inclination to being a man of few words.

Phone Galaxy S6 Galaxy S6 Edge