Give a signal: how hackers attack phones with SMS blasters
Hackers can attack Russians' phones using SMS blasters, experts have warned about this. SMS blasters are special radio transmitters that fake mobile network signals. These devices allow cybercriminals to secretly send SMS messages with malicious content, bypassing all security measures. For more information about how SMS blaster attacks are organized, how dangerous they are and how to protect yourself from them, read the Izvestia article.
What are SMS blasters?
Cell phones are designed in such a way that they automatically select the base station with the strongest signal for connection, Mikhail Saveliev, director of Rostelecom's Information Security Methodology department, said in an interview with Izvestia. This allows you to reduce the signal transmission power and, as a result, save battery power. Usually, real cellular stations are placed on poles and roofs of buildings.
"However, if an attacker places a device simulating a base station, for example, in the trunk of a car, then it is highly likely that nearby phones will connect to it," says the specialist. — The so-called SMS blasters are based on this principle.
According to Mikhail Saveliev, the main task of SMS blasters is to make the phone connect to itself for a short time and receive an SMS message. Since in this case there is a direct transmission of the message without the participation of the telecom operator, there are also no spam and other unwanted message filtering systems.
Such an SMS can be relatively harmless, for example, it may contain advertisements. However, in more dangerous cases, an attacker can use it to send a phishing message with a malicious link aimed at gaining access to the victim's personal data or finances, Mikhail Savelier emphasizes.
What is known about the use of SMS blasters by hackers
Cases of attackers using SMS blasters have already been recorded abroad. In particular, on June 24, The Guardian reported that Ruichen Xiong, a Chinese student, received a prison sentence in the UK: according to investigators, on March 22-26, he drove around London in a black Honda CR-V with an SMS blaster in the trunk and sent malicious messages to tens of thousands of potential victims. The student was sentenced to more than one year in prison.
The Guardian's journalists call SMS blasters a relatively new technology for fraudsters: for the first time, the British police encountered these devices in 2024, when they carried out arrests in Manchester and London. In the summer of 2024, the first arrest due to the use of an SMS blaster was also carried out in New Zealand. Cases of using the devices have been recorded in other countries around the world, including Thailand.
"There have been no cases of such devices being used in Russia yet, but there is a potential risk of their use," Mikhail Saveliev believes. — Given the development of technology and the availability of components, such attacks may appear, especially in crowded places.
Marina Probets, an Internet analyst and expert at Gazinformservice, agrees that there is technically a possibility for attackers to use SMS blasters in Russia and the risk of its implementation is quite high. According to the expert, given the development of cybercrime in Russia and the availability of the necessary technologies, the appearance of such attacks seems likely.
— The lack of public information about the application does not mean the absence of attacks themselves — fraudsters often act covertly, and detecting such attacks is difficult due to their complexity and non-standard nature, — Marina Probets emphasizes.
The trend towards using SMS blasters, which began back in 2024, is just a new round of using this attack vector, which has been used and developed by hackers for many years, adds Boris Kalyuzhny, senior information security analyst at Innostage. According to the expert, in general, attempts to use replacement cell towers have been recorded for a long time — in Russia, a similar case was recorded back in 2015.
What schemes can cybercriminals use SMS blasters in?
SMS blasters can be used by fraudsters in various conditions and schemes, says Marina Probets. In particular, attackers can use them in places with poor network coverage, where smartphones are most vulnerable to signal tampering. They can be deployed in crowded places (concerts, rallies) to simultaneously attack multiple devices.
"The fraud scheme may include sending phishing messages with links to fake websites, messages demanding urgent money transfers, or messages containing malicious software," says the Izvestia source.
In addition, according to Marina Probets, SMS blasters can be used to spread spam or carry out DDoS attacks on SMS gateways. In general, the use of SMS blasters expands the possibilities of fraudsters, allowing them to bypass standard security measures and cause more widespread damage.
The use of SMS blasters is advisable in crowded places – this increases the number of potential victims, adds Evgeny Kazyulin, an expert on cybersecurity at Angara Security. In particular, with the help of such devices, attackers distribute phishing mailings under the guise of legitimate senders, for example, popular online services or banks.
Such attacks became possible due to vulnerabilities in outdated but not decommissioned communication standards, in particular, in the 2G network. The smartphone can automatically connect to a stronger network signal. The 2G standard does not provide for mandatory authentication of the base station, and therefore it becomes possible to replace it with its own source, the specialist explains.
How to protect yourself from hacker attacks using SMS blasters
The main danger in attacks using SMS blasters is that they bypass most of the standard protection methods, says Evgeny Kazyulin. According to the expert, it is quite difficult to suspect a trick, since the SMS may come from a legitimate person.
"First of all, the least technically savvy groups of people are susceptible to such attacks: children and the elderly," the Izvestia interlocutor notes. — The result of such attacks may be the leakage of the victim's personal data and the access of intruders to bank accounts.
Almost all smartphone owners can become potential victims of attacks using SMS blasters, especially those who are located in areas with poor network coverage or in crowded places, adds Marina Probets. Attackers can target users of different ages and levels of technical literacy by spreading phishing messages, malicious links, or messages exploiting social engineering.
The danger lies not only in financial losses, but also in the theft of personal data, installation of high-tech equipment and other negative consequences. To protect against SMS blasters, Mikhail Saveliev recommends disabling support for outdated mobile communication standards. According to reports, SMS blasters simulate a 2G network, so disabling 2G mode in your phone's settings can significantly reduce the likelihood of an attack.
— iPhone owners should activate the SMS filtering function from unfamiliar contacts, — says the expert. — It is also important to be careful: under no circumstances should you click on links from SMS messages if there is even the slightest suspicion that they were sent by an attacker.
At the same time, it should be noted that Russia has a well-organized radio frequency service that constantly monitors the airwaves, so the appearance of such a "fake" access point will be detected fairly quickly, the Izvestia interlocutor concludes.
Переведено сервисом «Яндекс Переводчик»
