The fake cell towers dotted across US that can gain access to your smartphone operating systems
- 19 false cell towers were spotted in places like New York City, Chicago, Dallas and Los Angeles
- The devices could be stingrays, which in spite of legal questions have been used by police departments for years
- The Cryptophone 500, sold by ESD America, costs $3,500 and runs an operating system licensed by a German company on a Samsung Galaxy S3
Customers using the Cryptophone 500, sold by ESD America, have detected signals from transmitters masquerading as cell towers that, if a cell phone connects to it, can track the phone’s location or leave data on its operating system vulnerable to attacks.
A map released by the company shows hits for these fake towers in New York City, Chicago, Dallas and Los Angeles. ESD America’s CEO, Les Goldsmith, told Popular Science one tower in Nevada was found near a government facility out in the desert.
Though it isn’t clear who installed these ‘towers,’ devices with the ability to trick cellphones into connecting to their network have existed for decades.
The Wall Street Journal reported in 2011 that the Federal Bureau of Investigations used a device known as a stingray to catch tax fraud Daniel David Rigmaiden.
The Los Angeles Police Department purchased a stingray and used it to monitor 21 individuals,according to L.A. Weekly.
Critics question the constitutionality of stingrays. The LAPD used the device to track burglary and murder suspects, in spite of stating the device would be used for ‘regional terrorism investigations’ in a grant application submitted to the Department of Homeland Security.
Popular Science reports that the devices target a smartphone’s ‘baseband operating system,’ which receives radio signals such as cellular, Bluetooth and Wi-Fi.
This functions together with a smartphone’s more user-friendly operating system and personal data can be vulnerable on some phones where the two operating systems communicate.
InfoWorld reports that developers of the Android-replacing operating system Replicant found such a vulnerability in some Samsung Galaxy phones.
Detection: A screenshot from a Cryptophone 500 provided by ESD America shows the phone finding a possible dummy tower
Those worried about the false towers popping up across the map will have to ask themselves what it’s worth to defend their data, as phones from Los Angeles-based ESD America – Samsung Galaxy S3s running an operating system licensed from a German technology company – cost $3,500 according to MIT Technology Review.