O2 UK patches bug leaking mobile user location from call metadata
A flaw in O2 UK's implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target.
The problem was discovered by security researcher Daniel Williams, who says the flaw existed on O2 UK's network since March 27, 2017, and was resolved yesterday.
O2 UK is a British telecommunications service provider owned by Virgin Media O2. As of March 2025, the company reported having nearly 23 million mobile customers and 5.8 million broadband clients across the UK, positioning it as one of the major providers in the country.
Locating users by call
Using the Network Signal Guru (NSG) app on a rooted Google Pixel 8, Williams intercepted raw IMS signalling messages exchanged during a call and decoded the cell ID to find the last cell tower the call recipient connected to.
Then, he used public tools that provide cell tower maps to find the geographic coordinates of the tower.
Source: mastdatabase.co.uk
For urban areas where tower coverage is dense, the accuracy would reach 100 m2 (1076 ft2). In rural areas, geo-locating would get less precise, but could still be revealing for the target.
Williams found the trick also worked when the target was abroad, as he located a test subject in Copenhagen, Denmark.
Source: mastdatabase.co.uk
O2 UK confirms fix
Williams says that he contacted O2 UK multiple times on March 26 and 27, 2025, to report his findings, receiving no answers.
Finally, he got direct confirmation from O2 UK earlier today that the issue has been fixed, and he confirmed this through testing.
In a statement to BleepingComputer, a Virgin Media spokesperson confirmed that a fix has been implemented, noting that customers do not have to take any action to protect themselves.
"Our engineering teams have been working on and testing a fix for a number of weeks – we can confirm this is now fully implemented, and tests suggest the fix has worked, and our customers do not need to take any action," Virgin Media O2 told BleepingComputer.
-
OpenAI plans to combine multiple models into GPT-5
OpenAI is planning to combine multiple products (features or models) into its next foundational model, which is called GPT-5.
- May 19, 2025
- 06:11 PM
0
-
Fake KeePass password manager leads to ESXi ransomware attack
Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network.
- May 19, 2025
- 05:17 PM
- 0
-
New Webinar: Defend Against Scattered Spider's Latest TTPs for 2025
Learn about Scattered Spider's latest identity attack techniques and how they continue to evolve in 2025.
Register for the webinar to learn about their latest TTPs and how to defend your organization.
-
O2 UK patches bug leaking mobile user location from call metadata
A flaw in O2 UK's implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target.
- May 19, 2025
- 03:20 PM
- 0
-
Windows 10 emergency updates fix BitLocker recovery issues
Microsoft has released out-of-band updates to fix a known issue causing Windows 10 systems to boot into BitLocker recovery after installing the May 2025 security updates.
- May 19, 2025
- 01:59 PM
- 0
-
Arla Foods confirms cyberattack disrupts production, causes delays
Arla Foods has confirmed to BleepingComputer that it was targeted by a cyberattack that has disrupted its production operations.
- May 19, 2025
- 01:53 PM
- 0
-
Microsoft unveils Windows AI Foundry for AI-powered PC apps
Microsoft is replacing 'Copilot Runtime' with Windows AI Foundry to help developers build, experiment, and reach users with AI experiences in their apps.
- May 19, 2025
- 12:18 PM
- 1
-
Microsoft confirms new "Advanced" Settings for Windows 11
At the Build 2025 developer conference, Microsoft announced a new 'Advanced Settings' feature to help users and developers personalize the OS experience.
- May 19, 2025
- 12:06 PM
- 1
-
Microsoft open-sources Windows Subsystem for Linux at Build 2025
Microsoft has open-sourced the Windows Subsystem for Linux (WSL), making its source code available on GitHub, except for a few components that are part of Windows.
- May 19, 2025
- 12:00 PM
- 0
-
UK Legal Aid Agency confirms applicant data stolen in data breach
The United Kingdom's Legal Aid Agency (LAA) has confirmed that a recent cyberattack is more serious than first believed, with hackers stealing a large trove of sensitive applicant data in a data breach.
- May 19, 2025
- 11:10 AM
- 0
-
Mozilla fixes Firefox zero-days exploited at hacking contest
Mozilla released emergency security updates to address two Firefox zero-day vulnerabilities demonstrated in the recent Pwn2Own Berlin 2025 hacking competition.
- May 19, 2025
- 10:10 AM
New 'Defendnot' tool tricks Windows into disabling Microsoft Defender
A new tool called 'Defendnot' can disable Microsoft Defender on Windows devices by registering a fake antivirus product, even when no real AV is installed.
- May 17, 2025
- 10:09 AM
Israel arrests new suspect behind Nomad Bridge $190M crypto hack
An American-Israeli national namedAlexander Gurevich has been arrested in Israel for his alleged involvement in exploiting the Nomad bridge smart-contract in August 2022 that allowed hackers to siphon $190 million.
- May 16, 2025
- 12:25 PM
- 0
ChatGPT rolls out Codex, an AI tool for software programming
OpenAI is rolling out 'Codex' for ChatGPT, which is an AI agent that automates and delegates programming tasks for software engineers.
- May 16, 2025
- 11:49 AM
- 0
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own
During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox.
- May 16, 2025
- 11:23 AM
No comments:
Post a Comment