Cell Spy Catcher Apk
Hennie Jaffe
An international mobile subscriber identity-catcher, or IMSI-catcher, is a telephone eavesdropping device used for intercepting mobile phone traffic and tracking location data of mobile phone users.[1] Essentially a "fake" mobile tower acting between the target mobile phone and the service provider's real towers, it is considered a man-in-the-middle (MITM) attack. The 3G wireless standard offers some risk mitigation due to mutual authentication required from both the handset and the network.[2] However, sophisticated attacks may be able to downgrade 3G and LTE to non-LTE network services which do not require mutual authentication.[3]
IMSI-catchers are used in a number of countries by law enforcement and intelligence agencies, but their use has raised significant civil liberty and privacy concerns and is strictly regulated in some countries such as under the German Strafprozessordnung (StPO / Code of Criminal Procedure).[1][4] Some countries do not have encrypted phone data traffic (or very weak encryption), thus rendering an IMSI-catcher unnecessary.[citation needed]
A virtual base transceiver station (VBTS)[5] is a device for identifying the temporary mobile subscriber identity (TMSI), international mobile subscriber identity (IMSI) of a nearby GSM mobile phone and intercepting its calls, some are even advanced enough to detect the international mobile equipment identity (IMEI). It was patented[5] and first commercialized by Rohde & Schwarz in 2003. The device can be viewed as simply a modified cell tower with a malicious operator, and on 4 January 2012, the Court of Appeal of England and Wales held that the patent is invalid for obviousness.[6]
IMSI-catchers are often deployed by court order without a search warrant, the lower judicial standard of a pen register and trap-and-trace order being preferred by law enforcement.[7] They can also be used in search and rescue operation for missing persons.[8] Police departments have been reluctant to reveal use of these programs and contracts with vendors such as Harris Corporation, the maker of Stingray and Kingfish phone tracker devices.[9]
In the UK, the first public body to admit using IMSI catchers was the Scottish Prison Service,[10] though it is likely that the Metropolitan Police Service has been using IMSI catchers since 2011 or before.[11]
The GSM specification requires the handset to authenticate to the network, but does not require the network to authenticate to the handset. This well-known security hole is exploited by an IMSI catcher.[13] The IMSI catcher masquerades as a base station and logs the IMSI numbers of all the mobile stations in the area, as they attempt to attach to the IMSI-catcher.[14] It allows forcing the mobile phone connected to it to use no call encryption (A5/0 mode) or to use easily breakable encryption (A5/1 or A5/2 mode), making the call data easy to intercept and convert to audio.
The 3G wireless standard mitigates risk and enhanced security of the protocol due to mutual authentication required from both the handset and the network and removes the false base station attack in GSM.[2] Some sophisticated attacks against 3G and LTE may be able to downgrade to non-LTE network services which then does not require mutual authentication.[3]
Every mobile phone has the requirement to optimize its reception. If there is more than one base station of the subscribed network operator accessible, it will always choose the one with the strongest signal. An IMSI-catcher masquerades as a base station and causes every mobile phone of the simulated network operator within a defined radius to log in. With the help of a special identity request, it is able to force the transmission of the IMSI.[15]
The IMSI-catcher subjects the phones in its vicinity to a man-in-the-middle attack, appearing to them as a preferred base station in terms of signal strength. With the help of a SIM, it simultaneously logs into the GSM network as a mobile station. Since the encryption mode is chosen by the base station, the IMSI-catcher can induce the mobile station to use no encryption at all. Hence it can encrypt the plain text traffic from the mobile station and pass it to the base station.
A targeted mobile phone is sent signals where the user will not be able to tell apart the device from authentic cell service provider infrastructure.[16] This means that the device will be able to retrieve data that a normal cell tower receives from mobile phones if registered.[16]
There is only an indirect connection from mobile station via IMSI-catcher to the GSM network. For this reason, incoming phone calls cannot generally be patched through to the mobile station by the GSM network, although more modern versions of these devices have their own mobile patch-through solutions in order to provide this functionality.
The difference between a passive IMSI-catcher and an active IMSI-catcher is that an active IMSI-catcher intercepts the data in transfer such as spoke, text, mail, and web traffic between the endpoint and cell tower.
Active IMSI-catchers generally also intercept all conversations and data traffic within a large range and are therefore also called rogue cell towers. It sends a signal with a plethora of commands to the endpoints, which respond by establishing a connection and routes all conversations and data traffic between the endpoints and the actual cell tower for as long as the attacker wishes.
A passive IMSI-catcher on the other hand only detects the IMSI, TMSI or IMEI of an endpoint. Once the IMSI, TMSI or IMEI address is detected, the endpoint is immediately released. The passive IMSI-catcher sends out a signal with only one specific command to the endpoints, which respond to it and share the identifiers of the endpoint with the passive IMSI-catcher. The vendors of passive IMSI-catchers take privacy more into account.
To provide a high network coverage, the UMTS standard allows for inter-operation with GSM. Therefore, not only UMTS but also GSM base stations are connected to the UMTS service network. This fallback is a security disadvantage and allows a new possibility of a man-in-the-middle attack.[18]
Some preliminary research has been done in trying to detect and frustrate IMSI-catchers. One such project is through the Osmocom open source mobile station software. This is a special type of mobile phone firmware that can be used to detect and fingerprint certain network characteristics of IMSI-catchers, and warn the user that there is such a device operating in their area. But this firmware/software-based detection is strongly limited to a select few, outdated GSM mobile phones (i.e. Motorola) that are no longer available on the open market. The main problem is the closed-source nature of the major mobile phone producers.
The application Android IMSI-Catcher Detector (AIMSICD) is being developed to detect and circumvent IMSI-catchers by StingRay and silent SMS.[20] Technology for a stationary network of IMSI-catcher detectors has also been developed.[13] Several apps listed on the Google Play Store as IMSI catcher detector apps include SnoopSnitch, Cell Spy Catcher, and GSM Spy Finder and have between 100,000 and 500,000 app downloads each. However, these apps have limitations in that they do not have access to phone's underlying hardware and may offer only minimal protection.[21]
If you think Face ID or fingerprint scanners are keeping the data in your smartphone safe, you are gravely mistaken. International Mobile Subscriber Identity (IMSI) Catchers are wreaking data security havoc on a global scale today. This hacking tool, although not really new, has become the weapon of choice to target unsuspecting smartphone users.
This is an obvious concern for cellular phone users. However, if we are to learn anything from the government crackdown on the corporations charged with collecting, processing, and protecting data transferred via digital communications then Mobile Network Operators (MNOs) should be able to see the writing on the wall.
One of the most popular methods used by attackers to infiltrate cellular devices is launching Man in the Middle Attacks using IMSI Catchers. These devices, also known as Stingrays, can perform a wide range of malicious actions like identity theft, data harvesting, and real-time location tracking. For concerned MNOs, IMSI Catchers and Man in the Middle should be high on the list of attacks they aim to prevent.
This cybercriminal activity is made possible due to a loophole in the GSM protocol. Mobile phones are constantly looking for the tower with the strongest signal to provide the best reception, which is usually the nearest one. It might, however, not be a genuine mobile provider tower.
The cybersecurity market has grown at an exponential rate over the last decade. Yes, there are consumer solutions on offer to fight IMSI Catchers. However, as per recent WIRED research, the available consumer-level tools were found to be partially effective at best when it came to detecting malicious activity involving snooping.
Available IMSI catcher detection solutions today can be roughly divided into two categories: consumer-level and military-grade solutions. The software solutions offered to users online are, as mentioned above, only partially effective in protecting users and their devices. While they may provide some peace of mind to the average smartphone user, it is simply not enough to protect sensitive corporate data often found on the devices of company employees.
FirstPoint Mobile Guard provides a unique military-grade capability to detect IMSI Catchers and prevent Man in the Middle Attacks at the network level. Designed for cutting-edge protection on the SIM-card level and mass-deployment in large organizations, the main strength of this solution is its ease of use.
Just insert the FirstPoint SIM card into the smartphone or IoT device you wish to protect and FirstPoint does the rest. This solution is extremely suitable for organizations and governments who want maximal security at minimal configuration. This cyber security-as-a-service provides continuous network-based protection with little to no maintenance required once it is installed in the employee devices.
64591212e2