T-Mobile smartphone devices have a new default Wi-Fi calling feature that keeps you connected in areas with little or no coverage using a Wi-Fi connection. Using a Wi-Fi calling-enabled phone, users connect through a router and broadband internet service to increase service where they generally lack it.
Two students from the University of California Berkeley discovered recently that this feature leaves millions of Android users vulnerable to “Man-in-the-Middle attacks”. The simplest way that this happens is for the attacker to be on the same open wireless network as the victim, granting them access to become a man-in-the-middle.
According to thehackernews.com, in a technical analysis of the exploit, the flaw could potentially allow hackers to access and modify calls and messages made by T-Mobile users on certain Android smartphones. The students informed T-Mobile of the flaw in December and on March 18 T-Mobile was able to resolve the issue for all affected phone models.
T-Mobile uses regular VoIP for Wi-Fi Calling instead of a connection that is encrypted, something that aids in its vulnerability. The certificate validation had not been fully implemented, so without this proper verification, hackers could have created a fake certificate and pretended to be the T-Mobile server.