Phone hacking by IMSI-Catcher: how to protect yourself?

An IMSI-catcher is a box equipped with antennas, used for surveillance and interception of mobile data. IMSI stands for International Mobile Subscriber Identityor international mobile subscriber identity in French.

What is an IMSI-catcher?

The device simulates a fake cell tower to attract connections from surrounding cellphones using a flaw in the GSM (2G) network that has been dragged around since the 90s. In fact, the device uses the MITM (man-in-the-middle) attack method: on a mobile network, it pretends to be a relay antenna, once the smartphone is connected, the box sucks up all the data, from the telephone number to the exchanges of messaging through many metadata.

A scam worthy of a movie

It is therefore thanks to one of these boxes that a group of crooks carried out a large-scale scam in the Paris region. With a homemade IMSI-catcher, more than 16,000 smartphones have been targeted. The goal of the team: to send fraudulent health insurance SMS, for example with a trapped link. Once clicked, the URL siphons off the victim’s personal and banking data.

The police then noted the presence of several telephones and an installation comprising white antennas. A crate was found in the trunk with a device that looks like a bomb. Demining services were carried out on site 📸 2/2 pic.twitter.com/e8isfMMhMy

— Amaury Bucco (@AmauryBucco) December 30, 2022

More than 424,000 messages have been sent by the group. On February 14, the police arrested the scammers and seized a large quantity of equipment (cars, telephones, PCs, etc.). The most terrible thing about this system is that it is used locally. By standing in front of a CAF, a sports club or a supermarket, we can better target the text messages sent and gain the confidence of the victims.

What frame for the enclosures?

The legal framework for IMSI-catchers is rather recent. All in all, it is not allowed to use any of these enclosures for ordinary mortals, but under the post-attack intelligence law in 2015, their use was authorized to facilitate the work of law enforcement. The question of the ethics behind this use by law enforcement is a long debate. In 2013, the National Assembly already proposed to regulate it while respecting certain limits.

“Its establishment can therefore only take on a very exceptional character and […]should also be subject to the continuous control of an external authority, in order to prevent any abuse”
Parliamentary report

Be aware that it is very difficult to guard against data spying by an IMSI-catcher, outside the technical limits of the tool. For example, the box cannot retrieve encrypted information, such as a WhatsApp conversation.

Tools still allow you to know if you are a victim of this technology, like Cell Spy Catcher app which will quite simply make it possible to authenticate a relay antenna in a secure manner.

As a reminder: never click on links sent by SMS.