The 3G and 4G devices deployed worldwide are vulnerable to IMSI catcher aka Stingray devices. The next generation 5G network may address user's privacy issues related to these IMSI catcher attack techniques. However in this talk, we introduce new attack vectors that enable tracking and activity monitoring of mobile users.
In particular, we uncover a new flaw in the widely deployed cryptographic protocol in 3G and 4G cellular networks. We discuss different methods to exploit this flaw using low-cost setup. Further, we present several attacks to demonstrate their impact on end-users carrying 3G and 4G devices. Lastly, we discuss countermeasures to address these privacy issues.