Security researchers have been able to find a way to listen in on phone calls made through a Samsung smartphone by using a malicious base station, the full extent of this vulnerability is unclear but it does affect the company’s recent high-end devices like the Galaxy S6 and the Galaxy S6 edge. It’s classified as a “man-in-the-middle” attack, discovered by researchers Daniel Komaromy and Nico Golde, it involves setting up a malicious base station close to the target device which then automatically connects due to a vulnerability in Samsung’s “Shannon” line of baseband chips.
Once the handset is connected the base station pushes firmware to its baseband processor, a chip that handles voice calls, and that firmware routes the calls through the malicious base station from where they are directed to a proxy that records calls and sends them to the attacker. All of this happens without the user ever knowing about it, they can continue to make and receive calls while they’re recorded in the background as if the line had a wiretap on it. The researchers have not made the full details of this attack public for obvious reasons but they have disclosed it to Samsung which will hopefully have a fix ready in the near future.