Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

DHS-backed researchers spot serious vulnerabilities built into phones used by all major U.S. carriers


Kryptowire researchers funded by the Department of Homeland Security reportedly have spotted vulnerabilities built into phones at all major U.S. carriers.

Mobile devices used by Verizon, AT&T, T-Mobile, Sprint and other carries were found to contain serious vulnerabilities, DHS program manager Vincent Sritapan told Fifth Domain at the Black Hat security conference in Las Vegas on Tuesday.

The vulnerabilities aren't limited to the U.S., and because of the scope of the flaw, it is possible that government officials are also at risk.

Researchers spotted a backdoor which could allow attackers to access users' data, emails and text messages without user knowledge, or allow attackers to escalate privileges and take over a device. The investigation was first triggered when researchers discovered vulnerabilities in the Blu phone company.

The DHS hasn't named the manufacturers, but said they were notified as early as February, and the researchers are expected to release more details later this week. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.