Android security mystery – ‘fake’ cellphone towers found in U.S. | Emergency Preparedness | Forums

A A A
Avatar
Search

— Forum Scope —






— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Lost password?
sp_Feed F-Emergency-Preparedness
Android security mystery – ‘fake’ cellphone towers found in U.S.
Avatar
K
Admin
Forum Posts: 31782
Member Since:
15 Feb ’12
sp_UserOfflineSmall Offline
1
2 Sep ’14 - 9:47 am
sp_Permalink sp_Print

okay, that's pretty scary

[There have been many comments to this story from people who are assuming that these 'towers' are physical installations. There's no reason to assume this is the case: it's far likelier that they are mobile installations of the kind used not only by law enforcement and government agencies, but also by scammers and other criminals. (David Harley)]

Seventeen mysterious cellphone towers have been found in America which look like ordinary towers, and can only be identified by a heavily customized handset built for Android security – but have a much more malicious purpose, according to Popular Science.

The fake ‘towers’ – computers which wirelessly attack cellphones via the “baseband” chips built to allow them to communicate with their networks, can eavesdrop and even install spyware, ESD claims. They are a known technology - but the surprise is that they are in active use.

The towers were found by users of the CryptoPhone 500, one of several ultra-secure handsets that have come to market in the last couple of years, after an executive noticed his handset was “leaking” data regularly.

Its American manufacturer boasts that the handset has a “hardened” version of Android which removes 468 vulnerabilities from the OS.

Android Security: Towers in casinos

Despite its secure OS, Les Goldsmith of the handset’s US manufacturer ESD found that his personal Android security handset’s firewall showed signs of attack “80 to 90” times per hour.

The leaks were traced to the mysterious towers. Despite having some of the functions of normal cellphone towers, Goldsmith says their function is rather different. He describes them as “interceptors” and says that various models can eavesdrop and even push spyware to devices. Normal cellphones cannot detect them – only specialized hardware such as ESD’s Android security handsets.

Who created the towers and maintains them is unknown, Goldsmith says.

Origin of towers ‘unknown’

“Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says.  “One of our customers took a road trip from Florida to North Carolina and he found eight different interceptors on that trip.  We even found one at South Point Casino in Las Vegas.”

Their existence can only be seen on specialized devices, such as the custom Android security OS used by Cryptophone, which includes various security features – including “baseband attack detection.”

The handset, based on a Samsung Galaxy SIII, is described as offering, a “Hardened Android operating system” offering extra security. “Baseband firewall protects against over-the-air attacks with constant monitoring of baseband processor activity, baseband attack detection, and automated initiation of countermeasures”, claims the site.

“What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.” says Goldsmith.  “Whose interceptor is it?  Who are they, that’s listening to calls around military bases?  The point is: we don’t really know whose they are.”

Baseband attacks are considered extremely difficult – the details of the chips are closely guarded. “Interceptors” are costly devices – and hacking baseband chips is thought to be technically advanced beyond the reach of “ordinary” hackers, ESD says. The devices vary in form, and are sold to government agencies and others, but are computers with specialized software designed to defeat the encryption of cellphone networks. The towers target the “Baseband” operating system of cellphones – a secondary OS which sits “between” iOS or Android, for instance, and the cellular network.

Goldsmith says that the devices cost “less than $100,000” and does not mention what level or type of device his team has detected. Most are still out of reach of average hackers, although freely advertised. One model is the VME Dominator, which is described as, “a real time GSM A5.1 cell phone interceptor. It cannot be detected. It allows interception of voice and text. It also allows voice manipulation, up or down channel blocking, text intercept and modification, calling & sending text on behalf of the user, and directional finding of a user during random monitoring of calls.”

What has come as a surprise is how many “interceptors” are in active use in the U.S., and that their purpose remains mysterious.

http://www.welivesecurity.com/2014/08/28/android-security-2/

Avatar
easytapper
Rancher
Members
Forum Posts: 2149
Member Since:
19 Feb ’12
sp_UserOfflineSmall Offline
2
2 Sep ’14 - 10:32 am
sp_Permalink sp_Print

The following users say thank you to easytapper for this useful post:

jonathco
Avatar
K
Admin
Forum Posts: 31782
Member Since:
15 Feb ’12
sp_UserOfflineSmall Offline
3
3 Sep ’14 - 9:24 am
sp_Permalink sp_Print

lol, perfect

Avatar
easytapper
Rancher
Members
Forum Posts: 2149
Member Since:
19 Feb ’12
sp_UserOfflineSmall Offline
4
3 Sep ’14 - 10:58 am
sp_Permalink sp_Print

KVR said
lol, perfect

The only other explanation is aliens, and that would just be silly.

Forum Timezone: America/New_York

Most Users Ever Online: 698

Currently Online:
77 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

easytapper: 2149

DangerDuke: 2030

groinkick: 1667

PorkChopsMmm: 1515

Gravel Road: 1455

Newest Members:

Forum Stats:

Groups: 1

Forums: 12

Topics: 11482

Posts: 58640

 

Member Stats:

Guest Posters: 2

Members: 19842

Moderators: 0

Admins: 1

Administrators: K