Android users running AT&T and Verizon networks may be susceptible to distributed denial of service (DDoS) attacks.
The alert comes from a new advisory posted by Carnegie Mellon University CERT database, which shows that the vulnerability allows hackers to target LTE networks and users.
The reason for this vulnerability is primarily due to the way LTE works. Unlike conventional data transfer methods of circuit switching, LTE uses packet switching. The research says that this new method allows hackers to use the SIP protocol to enable a new set of attack vectors via wireless networks.
If this loophole is exploited, denial of service attacks can be carried out on these networks and data exploitation along with ‘silent calls’ can be executed, allowing for unlimited phone calls and use of large amounts of data without any records of them in bills.
According to the researchers, every Android OS version released to date could be affected by this vulnerability. Google has already been notified about this massive flaw, and has been advised to escalate its permissions on Android. Apple on the other hand has said that its phones aren’t affected by this LTE security flaw.
Google itself is likely to release a security update very quickly for its supported Nexus devices to take counter-measurements against the issue. If you have a carrier-provided phone from LG, Samsung, or other brands however, chances are you’ll have to wait a while. Carriers are notorious for releasing updates on snail-like pace.