'Torpedo' location detection exploit could target iPhones on both 4G & 5G networks

An attack dubbed "Torpedo" exploits the way phones send paging data when they receive calls or texts, the researchers explained to TechCrunch. By placing and cancelling multiple calls to it within a short amount of time, a target device can be made to trigger a paging message without alerting its owner. The scheme can not only be used to track location, but hijack a paging channel and inject or block paging messages, even denying someone messages altogether.

Torpedo can be the gateway to two other exploits, nicknamed "Piercer" and "IMSI-Cracking." Both can be used to expose a device's IMSI (international mobile subscriber identity), the former on 4G networks and the latter on both 4G and 5G.

As a result, even 5G phones could be intercepted by Stingray-style tracking devices used by law enforcement, spy agencies, and criminal groups. Needed equipment is said to cost as little as $200.

All four major U.S. carriers are vulnerable to Torpedo, one of the researchers said. The cellular industry has reportedly been notified about the threat.

Apple isn't expected to add 5G to iPhones, iPads, or the Apple Watch until 2020. That's probably because of its legal battles with Qualcomm, slow modem development at Intel, and the fact that general 5G coverage should remain small by the time this fall's iPhones are ready.

The 5G technology is considered crucial to the advancement of technologies like self-driving cars and augmented reality, both of which Apple is known to be working on.