Fake Cell Phone Towers Intercepting Android and iOS Devices

Following revelations from Edward Snowden, which showed that the government was compromising the cell phone activity of innocent Americans, technology companies have worked to create devices that are beyond the government’s reach. The creation of a device called the CryptoPhone 500 shed light on the amount of data that was being intercepted from other devices, using fake cell phone towers.

According to Popular Science, the CryptoPhone 500 is a device which features high-powered encryption and is “marketed in the U.S. by ESD America and built on top of an unassuming Samsung Galaxy SIII body.”

The CEO of ESD America, Les Goldsmith, said that the CryptoPhone 500 runs a customized version of Android that “removes 468 vulnerabilities that his engineering team found in the stock installation of the OS.”

Goldsmith said that his mobile security team found that the version of the Android OS, which comes on the standard Samsung Galaxy SIII, “leaks data to parts unknown 80-90 times every hour.”

Interceptor use in the U.S. is much higher than people had anticipated,” said Goldsmith.  “One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip.

Regarding the origin of these interceptors, Goldsmith said that they are still unknown. He mentioned that what his team found suspicious was the fact that “a lot of these interceptors are right on top of U.S. military bases.”  

“So we begin to wonder – are some of them U.S. government interceptors?  Or are some of them Chinese interceptors?” said Goldsmith.  “Whose interceptor is it?  Who are they, that’s listening to calls around military bases?  Is it just the U.S. military, or are they foreign governments doing it?”

According to We Live Security, the existence of these interceptors “can only be seen on specialized devices, such as the custom Android security OS used by CryptoPhone, which includes various security features – including ‘baseband attack detection.'”

Popular Science maintained that the Interceptors found in the U.S. vary widely in expense and sophistication, and that “whether your phone uses Android or iOS, it also has a second operating system that runs on a part of the phone called a baseband processor.

This baseband processor worked as a “communications middleman” between the phone and the cell towers. A senior security consultant at Matasano Security, Mathew Rowley, described the baseband processor as “one of the more difficult things to get into or even communicate with.”