Hacker NewsHacker News
Three men are facing charges in Toronto SMS Blaster arrests
64 points by gnabgib 3 hours ago | 26 comments
nubinetwork 2 hours ago
This was hugely overblown in the media... While the device operates like a stingray, they were using it to spam and phish. The whole claim of "we've never seen this type of device before in Canada" is a lie, because the government and law enforcement both use them. I guess it's okay if they do it, but nobody else can...
reply
mc32 2 hours ago
Yes I think they mean they hadn’t seen it used before outside of sanctioned organizations. Though one could argue some induce with they org likely used it outside of official capacity though not likely with knowledge or approval by superiors.
reply
anigbrowl 49 minutes ago
Wouldn't it be great if public officials would say what they in fact mean the first time?
reply
rdevilla 43 minutes ago
Torontonians are hardwired to be incapable of speaking like this.
reply
panny 2 hours ago
A government backdoor was found and abused by criminals? No one could have predicted this! :)
reply
Jolter 2 hours ago
It’s not exactly a back door. It’s a fake radio cell, mimicking your network provider and acting like a man in the middle. In that sense, it’s like a stingray. The differences are

1. The Stingray eavesdrops, but avoids interfering with user traffic

2. The stingray is operated by law enforcement, not by fraudsters looking to steal your money

reply
QuantumNomad_ 2 hours ago
Isn’t it less of a government backdoor and more of a result of generally old and insecure protocols still being in use for telecom?

Like, the phones happily connect to these fake towers because the signal is strongest from that one and there is no authentication to verify who the tower belongs to, nor encryption of SMSes?

reply
dreamlayers 2 hours ago
How is this possible? Are phones willing to connect to any cell and blindly trust that text messages from there are genuine and really coming from the numbers they claim to be coming from? Isn't there some cryptographic verification?
reply
mcpherrinm 2 hours ago
2g networks didn't have the phone verify the network, so yes they can do this.

At least as of today, most phones have an option to turn off 2g but that isn't a default.

reply
opengrass 2 hours ago
Plausible. Only Rogers still has working 2G.
reply
mcpherrinm 59 minutes ago
It doesn't matter what the network is doing; the phone needs to disable 2g. There's various ways to get the phone to downgrade to 2g otherwise, eg https://montsecure.com/files/2021_downgrade.pdf

Android has it as a toggle: https://source.android.com/docs/security/features/cellular-s...

iPhone disables it for phones in lockdown mode.

reply
Scoundreller 60 minutes ago
And if you have a modern enough SIM+phone combo, it won’t even display the 2g network as an available network, nor 3G on my device.

I wonder if this mostly hit international SIMs, since they wouldn’t be running the same level of SIM code to prefer various network locks like a local SIM.

Helps you stay under the radar and gov services over SMS is a lot more advanced outside of Canada if you want to do some fraud.

reply
capitalhilbilly 2 hours ago
The original standards weren't expecting anyone but carriers to send messages and ramping up security has been a slow process, so downgrade attacks probably work nicely.
reply
opengrass 2 hours ago
Guessing the spammer doesn't want to overload towers or be foxed within the same 3 so they're driving. Maybe the hats(?) shut off on rotation... or eSIM?
reply
kotaKat 26 minutes ago
Well, based on what I'm gleaning from https://www.smsbroadcaster.com/ (yes, they sell these brazenly in the open), I suspect they're doing some SDR shenanigans to bring up fake cell networks and leverage Cell Broadcast instead of just SMS.

https://en.wikipedia.org/wiki/Cell_Broadcast

They are also interfering with connections and attempting downgrade attacks to do 2G SMS messages as well (and is likely where Canadian carriers were picking up the 'millions' of attacks against its network and failed authentication attempts).

Amusingly this was all also caught because of Telus reviewing those SMS messages that were reported as spam from people on iOS/Android and realizing that the messages weren't being terminated inside the cell network at all when they tried tracing them out and suspected that this was the case.

reply
rafram 2 hours ago
Why would someone use one of these instead of good old fashioned SMS / iMessage / email spam?
reply
mcpherrinm 2 hours ago
There's zero spam filtering interfering this way, and you can target your messages very precisely.
reply
tonyarkles 40 minutes ago
And zero record of it ever happening as far as the carrier's concerned.
reply
topspin 2 hours ago
Charges? Cool. In the US we find huge SIM farms in major cities[1], law enforcement shrugs, and everyone forgets about it.

[1] https://www.pbs.org/newshour/nation/how-sim-farms-like-the-o...

reply
chatmasta 24 minutes ago
SIM farm is a different scenario and arguably not even illegal. This story is about scammers operating a DIY stingray that broadcasts phishing messages via SMS to nearby devices.
reply
walrus01 21 minutes ago
People I know in US telecom are not surprised by these SIM farms. These people are either:

a) Doing some weird grey market VoIP thing. 32-in-1 GSM to SIP gateways have been a thing for a very long time in the developing world. Maybe they think they found some arbitrage route for phone traffic to/from the US PSTN that they can profit from. Anyone who interacts with grey market voip stuff will recognize these things immediately.

b) Using them for something like receiving 2FA authentication codes to create bot/socketpuppet social media accounts. In this sort of scenario they'd have live phone numbers/service and the cheapest possible phone plan, and ability to receive incoming SMS. The accounts then get provided to some other group of people who are doing mass advertising/social media manipulation.

reply
nightpool 2 hours ago
"Law enforcement shrugs"? The whole focus of the article is about how the secret service confiscated those devices and charged the SIM farm operators with crimes. Which part of that is shrugging?
reply
htk 37 minutes ago
The article is about Canada.
reply
pnw_throwaway 34 minutes ago
[flagged]
reply
Joel_Mckay 2 hours ago
Not really, the FCC regularly drops >$300k fines on people not creative enough to figure out a revenue model that doesn't irritate everybody. =3
reply
AirMax98 56 minutes ago
Quote from article:

> This wasn’t targeting a single individual or business. It had the ability to reach thousands of devices at once.

This statement reads as AI-assisted — kinda interesting to see, because I am not sure it even is? This type of formal speech language is basically unintelligible from slop now.

reply
bawolff 16 minutes ago
This reads like a pretty standard sentence to me. Especially in the context of a police press release trying to explain tech to the public.

I think at some point people see AI everywhere because they look for it everywhere.

reply