Hackers can Record Phone Calls on Modern Samsung Galaxy Handsets

The recent versions of Samsung Galaxy can have all their phone calls recorded using an OpenBTS, a malicious base station.

A base stations work as a fake telephony towers, they  are used for testing and debugging in laboratory.

Two German security researchers, Daniel Komaromy and Nico Golde, showed how base stations can easily fool Samsung Galaxy’s handset and have them connected to their network, at the PacSec security conference  in Tokyo, Japan.

They used  the latest versions of Samsung’s Galaxy S6, Galaxy S6 Edge, and Galaxy Note 4 families. The common thing about these phones is Samsung’s line of “Shannon” baseband chips, which is used to handle telephony features.

When hacker uses the OpenBTS base  for transmitting malicious firmware update to the baseband chip then it has higher possibility of attack.

This firmware is capable of rerouting all  the phone calls through proxy, and can record   phone calls and spy on their victims without being noticed.

Researchers reported technical details to Samsung’s team, and  the company has started work on a patch to fix the issue.

Leave a Reply