A few days ago, criminals were arrested after carrying out a large-scale cyberattack on mobile users in London. The attack was characterized by the unexpected use of an espionage tool usually reserved for intelligence services, called an IMSI catcher.
An IMSI catcher is an electronic device capable of intercepting all mobile communications via the cellular network. By acting as a base station, the tool is able to steal all information in transit: SMS, calls and data.
This man-in-the-middle attack is not visible to users, and its prevention requires a mobile security application such as Pradeo Security.
Our solution regularly neutralizes similar attack attempts on the mobile devices it protects. They are particularly observed in large cities and at high-profile conferences.
The IMSI catcher, named for the International Mobile Subscriber Identity, is nothing new: the first implementation of this type of tool dates back to 1993. Many companies supply governments with them. These devices are sometimes used to ensure security during large gatherings or celebrations.
The IMSI catcher makes it possible to spy on the communications of mobile users located in its vicinity, replacing the traditional relay antennas while maintaining the service. In the recently discovered attack, the equipment was used in London. As mobile devices are constantly looking for the strongest cellular signal to connect to, thousands of smartphones connected to it, according to The Register. Although part of the traffic is encrypted, a lot of personal data can still be exploited.
In this case, the IMSI catcher was used to collect phone numbers to feed a vast smishing (phishing through SMS) campaign posing as banks and public organizations. This attack illustrates once again the convergence of hacking techniques used by criminals to achieve their goals.
Finally, this particularly intrusive tool is not the prerogative of governments. The security researcher Chris Paget demonstrated this at DEF CON in 2010 by performing the attack live. He said he had set up the IMSI catcher based on generic hardware that cost him $1,500.
The detection of malicious base stations is not supported by smartphone operating systems. 3G and 4G networks are particularly vulnerable to this attack. The 5G network is also vulnerable, but to a lesser extent, because it comes with two innovations:
Despite these breakthroughs, most mobile users are still exposed to this threat. However, there are solutions to counter it.
The Pradeo Security mobile security application, available on Android and iOS for businesses and organizations, detects and prevents attacks using an IMSI catcher. It regularly detects attempts to connect to malicious cellular networks, especially in large cities and at high-profile political and private events.
We encourage teams in charge of mobile fleets where sensitive information is handled to implement appropriate security measures.