27k unique visitors in the last 3 days

Cheap New Open Source Tool Detects IMSI-Catchers

American privacy activists want to monitor police surveillance but their $54 device would be more productively used by shopping malls that want to tip off the police about SMS blasters.

Technologists working at the Electronic Frontier Foundation (EFF) have developed a new device called Rayhunter (pictured) that detects IMSI-catchers in the vicinity. Anybody can obtain their own Rayhunter by purchasing an Orbic Mobile Hotspot — retailing for USD54 on Amazon at the time of writing — and installing the Rayhunter software available at this GitHub repository.

Being American, the EFF crew refers to IMSI-catchers as cell site simulators instead of referring to them as false base stations, the more common term worldwide. Or they could have just called them IMSI-catchers, the most common name of all. But let us forgive them the eccentricities of American naming conventions when they ask for Rayhunters to be used around the planet.

We hope that activists, journalists, and others will run these devices all over the world and help us collect data about the usage and capabilities of cell-site simulators.

A simple explanation is given for how the Rayhunter gathers information without interfering with anyone’s privacy.

Rayhunter works by intercepting, storing, and analyzing the control traffic (but not user traffic, such as web requests) between the mobile hotspot Rayhunter runs on and the cell tower to which it’s connected. Rayhunter analyzes the traffic in real-time and looks for suspicious events, which could include unusual requests like the base station (cell tower) trying to downgrade your connection to 2G which is vulnerable to further attacks, or the base station requesting your IMSI under suspicious circumstances.

There is a caveat to the developers’ request for worldwide use of Rayhunters.

Legal disclaimer: Use Rayhunter at your own risk. We believe running this program does not currently violate any laws or regulations in the United States. However, we are not responsible for civil or criminal liability resulting from the use of this software. If you are located outside of the US please consult with an attorney in your country to help you assess the legal risks of running this program.

There is a similar cultural bias in the researchers believing this technology will primarily be used to identify phone surveillance conducted by law enforcement agencies. Based on the recent history of scam activity involving radio devices worldwide, I rather suspect these cheap and simple radio detectors would be most effective at protecting the public from SMS blasters that send many smishing messages.

We know that scammers have learned to target shopping malls and other locations where large numbers of people pass through on a daily basis. This means Rayhunters are likely to get the most use if maintained by a shopkeeper or handed to a mall security guard, rather than keeping them in the homes of suburban gadget enthusiasts. Businesses would then be able to alert the police to evidence of smishing scammers operating in malls and circling other locations as they drive or carry SMS blasters around town.

The EFF article introducing Rayhunter can be found here.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email