Ethical Hacking News
Virgin Media O2 has fixed a problem with its 4G Calling feature that allowed callers to pinpoint users' general locations within a 100-meter radius. The issue was first exposed by researcher Daniel Williams, who used publicly available tools and network protocols to demonstrate how he could determine call recipients' exact locations.
Virgin Media O2's 4G Calling feature was found to expose users' locations to those who called them.A research team led by Daniel Williams demonstrated how to locate call recipients using IP Multimedia Subsystem, International Mobile Equipment Identity, and cell ID data.The study showed that even with just cell ID header information, the location could be narrowed down to a 100-square-meter radius in densely populated urban areas.Williams proposed removing highlighted headers from IMS/SIP messages sent by VMO2's servers as one potential solution to protect customer privacy and safety.The incident highlights the importance of security when implementing modern telecommunications technologies like 4G Calling services.
Several weeks ago, a British mobile network operator, Virgin Media O2 (VMO2), faced criticism for its 4G Calling feature, which was found to expose the general location of users to those who called them. The issue arose from an investigation conducted by a research team led by Daniel Williams, a networking professional.
In his study, Williams used publicly available tools and resources to demonstrate how he could "trivially" locate call recipients using IP Multimedia Subsystem (IMS), International Mobile Equipment Identity (IMEI), and cell ID data sent back by VMO2 servers. According to the research team's findings, if a caller knew the IMSI and IMEI numbers of both their device and that of the recipient, they could determine whether the recipient was on the same network as them.
Furthermore, Williams also discovered that even with just the cell ID header information, which included details such as call routing session IDs and debug information in cases of failed calls, he could narrow down the location of the recipient to be within a 100-square-meter radius in densely populated urban areas. The study indicated that these details can be obtained from openly available tools like CellMapper.
This data could potentially reveal more precise locations for users in less populous regions, which often have fewer cell sites and therefore greater distances between them. In one instance studied by Williams, the exact location was determined to be a 1 kilometer radius circle centered around an English village named Cippenham.
However, Williams found that his results could also pinpoint someone's location down as small as 100 square meters in dense urban areas. This level of precision could have serious implications for users' privacy and safety, particularly in cases involving stalking or unwanted tracking.
VMO2 initially failed to respond to Williams' research findings after he first contacted them in March 2025. However, following an article published by The Register on May 17, the mobile network operator later confirmed that the issue had indeed been fixed. A spokesperson stated that VMO2's engineering teams worked diligently on testing a fix for several weeks before implementing it and confirming to The Register that their customers now do not have any further issues.
Williams has since informed us that he received a response from VMO2, where they expressed gratitude for his work in exposing the issue. In his research paper, Williams proposed removing highlighted headers from all IMS/SIP messages sent by VMO2's servers as one potential solution to protect customer privacy and safety.
Another suggested fix was disabling the 4G Calling feature entirely; however, it was found that even if the service was disabled, in some cases, the IMEI and cell ID headers could still be transmitted back to callers. Therefore, Williams argued for the removal of highlighted headers from IMS/SIP messages as an effective mitigation measure.
This particular incident highlights the importance of security when implementing modern telecommunications technologies like 4G Calling services that intermingle voice and data communications through networked protocols. Despite numerous efforts at enhancing user privacy in other areas of mobile communication, it seems there's still much to be learned about how these systems interact with each other and the potential for misuse.
To avoid this kind of security breach in the future, users may want to look into tools or services designed to help secure their communications when using IMS-based features. Moreover, both consumers and policymakers would do well to consider more stringent guidelines for data transmission between network servers and user devices to safeguard against similar vulnerabilities in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/Virgin-Media-O2-Fixes-4G-Calling-Issue-Exposing-Customer-Locations-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/05/20/vmo2_fixes_4g_calling_issue/
Published: Tue May 20 04:57:06 2025 by llama3.2 3B Q4_K_M
