Man
Professional
- Messages
- 3,093
- Reaction score
- 635
- Points
- 113
SEEMOO researchers challenge invisible data thieves.
Scientists from the SEEMOO laboratory have developed a unique application called CellGuard, which helps detect suspicious activity of cellular networks and identify attacks aimed at the iPhone. The main task of CellGuard is to identify fake base stations that can be used by attackers to track location, intercept traffic, and other attacks on mobile devices.
A Rogue Base Station (RBS) is a malicious cell tower that tricks a device into forcibly connecting to it. Such stations are especially vulnerable in 2G networks, where there is no connection verification, as is the case with open Wi-Fi networks. For protection, experts recommend disabling 2G on iPhone in lockdown mode.
CellGuard analyzes packets transmitted between the base station and the device using several key metrics. These include checking the compliance of the tower with the Apple Location Services (ALS) database, analyzing the distance between the user and the tower, and analyzing the frequency, bandwidth, and signal strength. These metrics allow you to identify any anomalies and identify suspicious towers.
However, the developers emphasize that many warnings can be false alarms due to legal anomalies in the operation of networks. For example, new base stations may not immediately appear in Apple's database, and in high-traffic environments, some towers intentionally reduce bandwidth. The signal strength can also vary depending on the conditions.
Despite the potential for false positives, CellGuard remains a reliable tool for identifying potential threats. The app is currently in beta, and its developers invite everyone to try the new technology by installing it on their iPhone, even in lock mode.
CellGuard is an important step towards protecting users from potential threats from fake base stations, although the likelihood of such attacks remains low. Users can take simple measures, such as enabling airplane mode, to minimize risks.
Source
Scientists from the SEEMOO laboratory have developed a unique application called CellGuard, which helps detect suspicious activity of cellular networks and identify attacks aimed at the iPhone. The main task of CellGuard is to identify fake base stations that can be used by attackers to track location, intercept traffic, and other attacks on mobile devices.
A Rogue Base Station (RBS) is a malicious cell tower that tricks a device into forcibly connecting to it. Such stations are especially vulnerable in 2G networks, where there is no connection verification, as is the case with open Wi-Fi networks. For protection, experts recommend disabling 2G on iPhone in lockdown mode.
CellGuard analyzes packets transmitted between the base station and the device using several key metrics. These include checking the compliance of the tower with the Apple Location Services (ALS) database, analyzing the distance between the user and the tower, and analyzing the frequency, bandwidth, and signal strength. These metrics allow you to identify any anomalies and identify suspicious towers.
However, the developers emphasize that many warnings can be false alarms due to legal anomalies in the operation of networks. For example, new base stations may not immediately appear in Apple's database, and in high-traffic environments, some towers intentionally reduce bandwidth. The signal strength can also vary depending on the conditions.
Despite the potential for false positives, CellGuard remains a reliable tool for identifying potential threats. The app is currently in beta, and its developers invite everyone to try the new technology by installing it on their iPhone, even in lock mode.
CellGuard is an important step towards protecting users from potential threats from fake base stations, although the likelihood of such attacks remains low. Users can take simple measures, such as enabling airplane mode, to minimize risks.
Source
