NEW YORK: Security researchers have discovered a way to intercept calls made by several Samsung smartphones. At the Mobile Pwn2Own competition this week, researchers demonstrated a vulnerability in the Samsung Galaxy S6, Galaxy S6 Edge, and Galaxy Note 4 that allowed them to trick the handsets to connect to a malicious base station to gain access to calls and messages originating from/ terminating on the phone.
Daniel Komaromy and Nico Komaromy revealed a “man-in-the-middle” vulnerability in the Shannon-branded baseband chips – constituting modem, RF transceiver, and tracking IC – used in the aforementioned handsets. The researchers set up a base station, which is required to connect a mobile phone to the wider telephone network, and found that Samsung handsets quickly established connections with it. This allowed the researchers to intercept calls and messages sent and received through the base station.
