Critical Security Flaw Lets Hackers Impersonate 4G Phones

Key Takeaways
- Hackers can exploit 4G-to-2G network switches to hijack phones in 60 seconds
- Attack lets intruders impersonate your number, access messages, and take over accounts
- Current fix: enable airplane mode to prevent the vulnerability
In today’s connected world, smartphones have become essential tools for banking, communication, and accessing services online. However, a newly uncovered security flaw highlights just how vulnerable these devices can be. Researchers from China’s 360 Technology, working with the Unicorn Team, have identified a technique called “Ghost Telephonist” that enables hackers to take control of a 4G smartphone by exploiting the way devices switch between network technologies.
The vulnerability arises when a smartphone transitions from a modern LTE (4G) network to an older, slower 2G connection—this often happens automatically when signal strength weakens. Normally, a phone must authenticate itself to join a network, proving it is the legitimate device tied to a specific number. However, during the switch to 2G, this authentication step is skipped. That gap creates an opening for attackers to seize the victim’s phone number and perform actions such as making calls, sending messages, or accessing linked online accounts—all without the user’s knowledge.
At the Black Hat security conference in Las Vegas, the research team demonstrated how quickly this attack can unfold. They showed that the entire process can be completed in roughly 60 seconds. Even more alarming, users may never realize their number has been compromised. Once an attacker controls a victim’s number, they can intercept verification texts, reset passwords, and take over accounts such as social media profiles or banking services.
To illustrate the danger, the team simulated a password reset request on Facebook. After hijacking the target’s number, they intercepted the reset link sent via SMS on a cloned device, successfully gaining access to the victim’s Facebook account. The researchers stress that this is just one example of potential misuse.
The Unicorn Team is sharing their findings with network providers and urging changes to the authentication process when switching between network technologies. Until formal fixes are deployed, the only reliable way to protect against this specific threat is to place the phone in airplane mode. As explained by researcher Lin Huang, airplane mode signals to the network that the device is offline, effectively closing the vulnerability’s window.
This discovery underscores the importance of staying vigilant about digital security, especially when handling sensitive information on mobile devices.



