[ad_1]
Posted by Nataliya Stanetsky and Roger Piqueras Jover, Android Safety & Privateness Group
Cell-site simulators, also referred to as False Base Stations (FBS) or Stingrays, are radio units that mimic actual cell websites with a purpose to lure cellular units to connect with them. These units are generally used for safety and privateness assaults, resembling surveillance and interception of communications. In recent times, carriers have began reporting new kinds of abuse perpetrated with FBSs for the needs of economic fraud.
Particularly, there’s more and more extra proof of the exploitation of weaknesses in mobile communication requirements leveraging cell-site simulators to inject SMS phishing messages instantly into smartphones. This technique to inject messages fully bypasses the provider community, thus bypassing all the delicate network-based anti-spam and anti-fraud filters. Situations of this new kind of fraud, which carriers seek advice from as SMS Blaster fraud, have been reported in Vietnam, France, Norway, Thailand and a number of different nations.
GSMA’s Fraud and Safety Group (FASG) has developed a briefing paper for GSMA members to lift consciousness of SMS Blaster fraud and supply pointers and mitigation suggestions for carriers, OEMs and different stakeholders. The briefing paper, accessible for GSMA members solely, calls out some Android-specific suggestions and options that may assist successfully shield our customers from this new kind of fraud.
What are SMS Blasters?
SMS Blaster is the time period that international carriers use to seek advice from FBS and cell-site simulators operated unlawfully with the objective of disseminating (blast) SMS payloads. The most typical use case is to leverage these units to inject Smishing (SMS phishing) payloads into consumer units. Fraudsters usually do that by driving round with moveable FBS units, and there have even been stories of fraudsters carrying these units of their backpacks.
The strategy is simple and replicates identified methods to trick cellular units to an attacker-controlled 2G community. SMS Blasters expose a pretend LTE or 5G community which executes a single perform: downgrading the consumer’s connection to a legacy 2G protocol. The identical system additionally exposes a pretend 2G community, which lures all of the units to connect with it. At this level, attackers abuse the well-known lack of mutual authentication in 2G and power connections to be unencrypted, which allows a whole Individual-in-the-Center (PitM) place to inject SMS payloads.
SMS Blasters are bought on the web and don’t require deep technical experience. They’re easy to arrange and able to function, and customers can simply configure them to mimic a specific provider or community utilizing a cellular app. Customers may also simply configure and customise the SMS payload in addition to its metadata, together with for instance the sender quantity.
SMS Blasters are very interesting to fraudsters given their nice return on funding. Spreading SMS phishing messages generally yields a small return as it is rather tough to get these messages to fly undetected by subtle anti-spam filters. A really small subset of messages ultimately attain a sufferer. In distinction, injecting messages with an SMS blaster fully bypasses the provider community and its anti-fraud and anti-spam filters, guaranteeing that each one messages will attain a sufferer. Furthermore, utilizing an FBS the fraudster can management all fields of the message. One could make the message seem like it’s coming from the authentic SMS aggregator of a financial institution, for instance. In a current assault that impacted a whole lot of 1000’s of units, the messages masqueraded as a medical insurance discover.
Though the kind of abuse carriers are uncovering just lately is monetary fraud, there’s precedent for using rogue mobile base stations to disseminate malware, for instance injecting phishing messages with a url to obtain the payload. You will need to observe that customers are nonetheless susceptible to the sort of fraud so long as cellular units assist 2G, whatever the standing of 2G of their native provider.
Android protects customers from phishing and fraud
There are a selection of Android-only safety features that may considerably mitigate, or in some circumstances totally block, the affect of the sort of fraud.
Android 12 launched a consumer choice to disable 2G on the modem stage, a function first adopted by Pixel. This feature, if used, utterly mitigates the chance from SMS Blasters. This function has been accessible since Android 12 and requires units to evolve to Radio HAL 1.6+.
Android additionally has an choice to disable null ciphers as a key safety as a result of it’s strictly obligatory for the 2G FBS to configure a null cipher (e.g. A5/0) with a purpose to inject an SMS payload. This safety function launched with Android 14 requires units that implement radio HAL 2.0 or above.
Android additionally supplies efficient protections that particularly tackles SMS spam and phishing, no matter whether or not the supply channel is an SMS Blaster. Android has built-in spam safety that helps to determine and block spam SMS messages. Extra safety is supplied via RCS for Enterprise, a function that helps customers determine authentic SMS messages from companies. RCS for Enterprise messages are marked with a blue checkmark, which signifies that the message has been verified by Google.
We advocate leveraging a few essential Google safety features which can be found on Android, specifically Protected Shopping and Google Play Shield. As a further layer of safety, Protected Shopping built-in on Android units protects 5 billion units globally and helps warn the customers about doubtlessly dangerous websites, downloads and extensions which could possibly be phishing and malware-based.
Let’s say a consumer decides to obtain an app from the Play retailer however the app incorporates code that’s malicious or dangerous, customers are protected by Google Play Shield which is a safety function that scans apps for malware and different threats. It additionally warns customers about doubtlessly dangerous apps earlier than they’re put in.
Android’s dedication to safety and privateness
Android is dedicated to offering customers with a protected and safe cellular expertise. We’re continuously working to enhance our safety features and shield customers from phishing, fraud, and different threats.
Working with international carriers and different OEMs via the GSMA to assist the ecosystem within the improvement and adoption of additional mobile safety and privateness options is a precedence space for Android. We sit up for partnering with ecosystem companions in additional elevating the safety bar on this house to guard cellular customers from threats like SMS blasters.
Thanks to all our colleagues who actively contribute to Android’s efforts in tackling fraud and FBS threats, and particular because of those that contributed to this weblog submit: Yomna Nasser, Gil Cukierman, Il-Sung Lee, Eugene Liderman, Siddarth Pandit.
[ad_2]