The Hacker News Logo
Subscribe to Newsletter

Fake Cell Phone Towers Could Be Intercepting Your Calls

Fake Cell Phone Towers Could Be Intercepting Your Calls
A notable number of cell phone towers around the United States are rogue that, according to latest report, could spoof legitimate towers and intercept calls.

The research carried out by ESD America, a defense and law enforcement technology firm based in Las Vegas, shows that a rogue cell phone towers, also known as "interceptors", may process the call.

ESD America, the company that makes the super-secure CryptoPhone, makes one of the oldest and most expensive high-security cell phones in the market. It provides equipment and training to more than 40 countries with a goal to provide technical security assistance to government and corporate clients across Asia.

SEVERAL ROGUE CELL PHONE TOWERS DISCOVERED
While field-testing its secure Android handset, the CryptoPhone 500, the firm came across the existence of a series of fake base stations along the Eastern seaboard of the US. Les Goldsmith, the CEO of ESD America, told the US publication Popular Science that he found 17 mobile phone towers across the U.S. that forces the phone to backdown to an easy-to-break 2G connection and then switches off the encryption.
"What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases. So we begin to wonder – are some of them U.S. government interceptors? Or are some of them Chinese interceptors?" he says.
MAN-IN-THE-MIDDLE ATTACK
No one knows for sure who's running them, Goldsmith said. He called these fake phony towers as “interceptors” on the basis that they might be attempting man-in-the-middle (MitM) attacks, in cases where the rogue tower takes a phone call, siphons it off for interception and also passes it on to the legitimate network.
Here's how interceptors exploit your smartphones:
[Interceptors] are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. Whether your phone uses Android or iOS, it also has a second operating system that runs on a part of the phone called a baseband processor. The baseband processor functions as a communications middleman between the phone's main O.S. and the cell towers. And because chip manufacturers jealously guard details about the baseband O.S., it has been too challenging a target for garden-variety hackers.
WHAT ABOUT SAMSUNG AND iPHONE
Goldsmith said when his team drove to a US government facility in the Nevada desert in the month of July, he also took a standard Samsung Galaxy S4 and an iPhone to serve as a control group for his CryptoPhone 5000. The CryptoPhone "lit up like a Christmas tree", while his iPhone and Samsung Galaxy S4 showed no signs of being intercepted at all.
"As we drove by, the iPhone showed no difference whatsoever. On the Samsung Galaxy S4, the call went from 4G to 3G and back to 4G. The CryptoPhone lit up like a Christmas tree," he said.
WHO IS BEHIND THESE INTERCEPTORS
In this case, the problem is that the phones never alert the user if the encryption was switched off when it managed to associate with these interceptors.

So, a question arises here, Who is responsible for these interceptors? In one particular case one of these towers was discovered at a casino in Las Vegas as well as near several military installations.
Edward Snowden revealed that the N.S.A. is capable of an over-the-air attack that tells the phone to fake a shut-down while leaving the microphone running, turning the seemingly deactivated phone into a bug,” reported Popular Science.
And various ethical hackers have demonstrated DIY interceptor projects, using a software programmable radio and the open-source base station software package OpenBTS – this creates a basic interceptor for less than $3,000. On August 11, the F.C.C. announced an investigation into the use of interceptors against Americans by foreign intelligence services and criminal gangs.
SOLUTION - CRYPTOPHONE OF $3,500
So, in order to protect from these fake phony towers or interceptors, do we need a CryptoPhone?

According to Popular Science, if you're not realistically of any interest to the U.S. government and never leave the country, you probably don't. In fact, the primary customers of CryptoPhone are executives who do business in Asia, according to Goldsmith.

The important part to decide whether you need a CryptoPhone is that, a single CryptoPhone costs $3,500, five times the price of competitors like SGP Technologies' Blackphone. So even if you are looking for a one, it's not exactly an impulse buy.

Plus, as Goldsmith told the MIT Technology Review back in March, his company hasn't been able to make these boutique phones fast enough, ever since the NSA scandals erupted last year.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.