We are reader supported. External links may earn us a commission.


Paper highlights VoLTE vulnerabilities: spoofing, DoS attacks, unbilled data usage

By Stephen Schenck October 19, 2015, 6:21 pm

Using high-speed, efficient LTE data networks to handle voice calls makes a lot of sense, so it’s little surprise we already see plenty of carriers supporting such VoLTE systems – a number that’s only likely to increase. But for all the promise VoLTE promises, it also represents a major shift to the way voice calls are handled by phone hardware, routed, and even billed – changes that have the potential to cause users and carriers alike a few headaches. In a recent paper, a team of researchers in South Korea and the US highlight a number of these vulnerabilities, as well as discuss ways carriers and phone makers could go about securing their systems.


For instance, right now many users taking advantage of VoLTE may have service plans offering unlimited voice minutes, but still charging users for how much data they consume. By embedding data streams within VoLTE calls, a data-cheat may be able to send large amounts of data to a remote source without it counting against his plan’s allocation.

And because VoLTE call setup and reception is handled by apps on your phone rather than the normally restricted baseband radio, it’s possible for malicious software that makes its way onto a VoLTE-enabled phone to block a user’s ability to receive calls – without the user having any on-screen indication that something’s amiss.

There’s also the potential for users who are being billed per-call to disguise video calls (which in some markets are billed distinct from voice calls) as voice traffic, and for callers initiating VoLTE calls to misrepresent their phone numbers, spoofing someone else’s identity. The researchers take the time to highlight some countermeasures companies could put in place to address many of these vulnerabilities, but with VoLTE adoption still in its infancy, it’s not clear just how seriously carriers might take all these attacks, and whether they’ll see fit to dedicating the resources to address them – concentrating instead on simply getting things working at all.

Source: Kim et al. (ACM Digital Library)
Via: Slashdot


Latest Articles


Here's how the Apple iPod changed the world in 21 years

iPod was an industry-changing device at its time, and it had a massive impact on modern smartphones, and the way we listen to music. We take a last look at the now-discontinued Apple iPod and the history it leaves behind.

By Roland Udvarlaki May 11, 2022, 10:00 am

How to use Mic Modes in VOIP and FaceTime Calls

This guide will go over the steps you need to follow to activate one of the available Mic Mode settings on Apple Devices to begin using the feature and improve your calling experience.

By Aryan Suren May 10, 2022, 10:00 am

This iPhone 14 feature might urge users to upgrade

Until now, it appeared that iPhone 14 would only be a minor upgrade over the iPhone 13 series. However, a new leak suggests that the iPhone 14 will come with one feature that might urge users to upgrade.

By Sanuj Bhatia May 9, 2022, 5:00 am