Stay up to date

Stay up to date

Mobile Security Expertise

What you need to know about spying through rogue cell towers

Picture of Roxane Suau
By Roxane Suau on February, 22 2023

A few days ago, criminals were arrested after carrying out a large-scale cyberattack on mobile users in Paris. The attack was characterized by the unexpected use of an espionage tool usually reserved for intelligence services, called IMSI catcher.

An IMSI catcher is an electronic device capable of intercepting all mobile communications via the cellular network. By acting as a base station, the tool is able to steal all information in transit: SMS, calls and data.

This Man-In-The-Middle attack is not visible to users and its prevention requires a mobile security application such as Pradeo Security.

Our solution regularly neutralizes similar attack attempts on the mobile devices it protects. They are particularly observed in large cities and at high-profile conferences.


An accessible and highly intrusive tool

IMSI catcher, for International Mobile Subscriber Identity, is no news since the first implementation of this type of tool dates back to 1993. Many companies supply governments with them. These devices are sometimes used to ensure security during large gatherings or celebrations.

The IMSI catcher allows to spy on the communications of mobile users located in its vicinity, replacing the traditional relay antennas while maintaining the service. In the recent attack discovered, the equipment was in a vehicle that crisscrossed the streets of Paris. As mobile devices are constantly looking for the strongest cellular signal to connect to, nearly 16,000 smartphones have connected to it according to French magazine Les Numériques. Although part of the traffic is encrypted, a lot of personal data can still be exploited.

In this case, the IMSI catcher was used to collect phone numbers to enrich a vast smishing campaign, phishing through SMS, posing as the national Health Insurance. This attack illustrates once again the convergence of hacking techniques used by criminals to achieve their goals.

Finally, this particularly intrusive tool is not the prerogative of governments. The security researcher Chris Paget demonstrated it at the DEF CON in 2010 by perpetrating the attack live. He said he had set up the IMSI catcher based on generic hardware that costed him $1,500.


Safety measures taken by mobile operators

The detection of malicious base stations is not supported by smartphone’s operating systems. 3G and 4G networks are particularly vulnerable to this attack. The 5G network is also vulnerable, but to a lesser extent, because it comes with two innovations:

  • Increased Home Control, a functionality that detects fake phone networks when a mobile is connected to the roaming network (usually abroad)
  • The SUPI, a substitute for the IMSI, which is never transmitted on the network.

Despite these breakthroughs, most mobile users are still exposed to this threat. However, there are solutions to counter them.


How to secure your mobile users?

The Pradeo Security mobile security application, available on Android and iOS for businesses and organizations, detects and prevents attacks using an IMSI catcher. It regularly detects attempts to connect to malicious cellular networks, especially in large cities and at high-profile political and private events.

We encourage teams in charge of mobile fleets where sensitive information is handled to implement appropriate security measures.


Let's discuss your mobile security projects: Contact us

Get in touch with mobile security experts

Contact us