Hackers Using Fake Cellphone Towers to Spread Android Banking Trojan


A security researcher created a cell phone base station that tricks cell phones into routing their outbound calls through his device, allowing someone to intercept even encrypted calls in the clear.

The device tricks the phones into disabling encryption and records call details and content before they’re routed on their proper way through voice-over-IP.

Security researchers at Check Point Software Technologies have uncovered that Chinese hackers are using fake base transceiver stations (BTS towers) to distribute “Swearing Trojan,” an Android banking malware that once appeared neutralized after its authors were arrested in a police raid.

This is the first reported real-world case in which criminals have used a BTS, a piece of equipment usually installed on cellular telephone towers, to spread malware.

The phishing SMS, which masquerades as a message from Chinese telecom service providers China Mobile and China Unicom, contains very convincing text with a link to download a malicious Android APK.

Since the Google Play Store is blocked in China, the SMS easily tricks users into installing the APK from an untrusted source.

“Using a BTS to send fake messages is quite sophisticated, and the SMS content is very deceptive. The message tricks users into clicking a malicious URL which installs malware,” the researchers said in the blog post.

Once installed, the Swearing malware distributes itself by sending automated phishing SMS to a victim’s contacts.

Although the maximum range of a BTS antenna may be as low as 10-22 miles, the technique is very successful and sophisticated in targeted attacks.

Discovered last year by Tencent Security researchers, the Swearing Trojan can steal bank credentials and other sensitive information from victims' Android devices. It bypasses two-factor authentication by replacing a user’s legitimate SMS app with a malicious version that intercepts incoming SMS messages.

