Android security mystery – ‘fake’ cellphone towers found in U.S.

[There have been many comments to this story from people who are assuming that these ‘towers’ are physical installations. There’s no reason to assume this is the case: it’s far likelier that they are mobile installations of the kind used not only by law enforcement and government agencies, but also by scammers and other criminals. (David Harley)]

Seventeen mysterious cellphone towers have been found in America which look like ordinary towers, and can only be identified by a heavily customized handset built for Android security – but have a much more malicious purpose, according to Popular Science.

The fake ‘towers’ – computers which wirelessly attack cellphones via the “baseband” chips built to allow them to communicate with their networks, can eavesdrop and even install spyware, ESD claims. They are a known technology – but the surprise is that they are in active use.

The towers were found by users of the CryptoPhone 500, one of several ultra-secure handsets that have come to market in the last couple of years, after an executive noticed his handset was “leaking” data regularly.

Its American manufacturer boasts that the handset has a “hardened” version of Android which removes 468 vulnerabilities from the OS.

Android Security: Towers throughout the US

Despite its secure OS, Les Goldsmith of the handset’s US manufacturer ESD found that his personal Android security handset’s firewall showed signs of attack “80 to 90” times per hour.

The leaks were traced to the mysterious towers. Despite having some of the functions of normal cellphone towers, Goldsmith says their function is rather different. He describes them as “interceptors” and says that various models can eavesdrop and even push spyware to devices. Normal cellphones cannot detect them – only specialized hardware such as ESD’s Android security handsets.

Who created the towers and maintains them is unknown, Goldsmith says.

Origin of towers ‘unknown’

“Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says.  “One of our customers took a road trip from Florida to North Carolina and he found eight different interceptors on that trip.  We even found one at South Point Casino in Las Vegas.” [Editor’s note: Goldsmith has asked us to stress that the tower was actually in the vicinity of the casino, not within the casino itself.]

Their existence can only be seen on specialized devices, such as the custom Android security OS used by Cryptophone, which includes various security features – including “baseband attack detection.”

The handset, based on a Samsung Galaxy SIII, is described as offering, a “Hardened Android operating system” offering extra security. “Baseband firewall protects against over-the-air attacks with constant monitoring of baseband processor activity, baseband attack detection, and automated initiation of countermeasures”, claims the site.

“What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.” says Goldsmith.  “Whose interceptor is it?  Who are they, that’s listening to calls around military bases?  The point is: we don’t really know whose they are.”

Baseband attacks are considered extremely difficult – the details of the chips are closely guarded. “Interceptors” are costly devices – and hacking baseband chips is thought to be technically advanced beyond the reach of “ordinary” hackers, ESD says. The devices vary in form, and are sold to government agencies and others, but are computers with specialized software designed to defeat the encryption of cellphone networks. The towers target the “Baseband” operating system of cellphones – a secondary OS which sits “between” iOS or Android, for instance, and the cellular network.

Goldsmith says that the devices cost “less than $100,000” and does not mention what level or type of device his team has detected. Most are still out of reach of average hackers, although freely advertised. One model is the VME Dominator, which is described as, “a real time GSM A5.1 cell phone interceptor. It cannot be detected. It allows interception of voice and text. It also allows voice manipulation, up or down channel blocking, text intercept and modification, calling & sending text on behalf of the user, and directional finding of a user during random monitoring of calls.”

What has come as a surprise is how many “interceptors” are in active use in the U.S., and that their purpose remains mysterious.

Author Rob Waugh, We Live Security

  • jim

    what the f where are the cops when you need one

    • BeeKaaay

      writing parking tickets and traffic tickets because the politicians use them as revenue devices instead of the heroes they are supposed to be.

      • Will ……

        heros!? Perhaps, but who else do you think is operating these? You think they’re not in major cities like nyc being operated by new yorks finest?

    • P. Nym

      Are you serious?

    • disqus_rok6W6Svu7

      Listening to your phone calls.

    • Timmoux

      Probably guarding the towers.

      • http://dharley.wordpress.com/ David Harley

        Many other commenters have suggested police involvement. Sorry, but I’m not going to approve them all.

  • John Doe

    Obviously it’s the NSA or some such.

  • jutholmes

    They’re on military bases? Real hard problem, sherlock. They’re owned by the fucking US government. They’re probably all part of anti-terrorist activities. The NSA probably uses them.

    • Liam

      What if it were someone eavesdropping on military base communication? Not as clear cut as it seems, Mr. Watson

    • majestic whine

      ‘anti-terrorist’ activities. Bless.

  • Kyle Hamilton

    The devices are called “Stingray”, and they’re used by law enforcement. NSA/DHS maintain they have legal right to install malware on every device in US, regardless of who owns it, based on their secret selection criteria. The PATRIOT Act allows federal law enforcement to delegate access to these devices, and have done so to several states which now have court decisions on the books allowing them to be used to monitor absolutely everyone within their range without a warrant.

    We are living in the turnkey totalitarian surveillance nation-state.

    • robb32

      hard to hack a phone that isn’t on..or someone that doesn’t HAVE one

      • RamsE39_E38

        CMOS batteries, even when your phone is off it still sends out a GPS signal. Had to trace a phone once after a guy shot his wife in the face..

        • Sophia Keenesburg

          cmos battery last for how many hours … sending out GPS signals???

        • Michael Richards

          GPS specifically, or communication with cell phone towers (or both)?

        • Caption Oblivious

          even when the battery is removed it is still possible to trace a phone these days.

          • Edumacated2

            No it isn’t. The GPS receiver needs power to receive and communicate its coordinates. I work in Emergency Services and we cannot get the signal when the phone is off. Also, I used to work as an EE and you cannot get a device to work without power. The RFID chips get power via microwave and have a very short range to transmit their ID code, think in feet.

          • Caption Oblivious

            who is this “we” you speak of?

            new phones have micro-cmos batteries directly on the mother boards. just enough juice to keep big brother all lubed up…..

        • ashirviskas

          That’s bullshit. When a smartphone is powered off, it is powered off. No wireless signals are being broadcasted. Only some old dumb phones had feature, which enabled getting sms while they were “powered off”, while in reality they weren’t, they just “pretended” to be off, their baseband chips were still working. I don’t believe you. Prove what you just said or I call this bullshit.

      • bobo

        Why would anyone buy a phone and service contract and never turn on the phone?????

        • me

          Prepaid, only on when I need to call, which isn’t often.

        • slango20

          point is the phone may be off, dead battery, off to save battery, etc

        • Caption Oblivious

          get a faraday enclosure.

        • elt

          I know guys that only make calls. Turn it on, make the call, turn it off…

          • johnnyjoeidaho

            That’s a bigger waste of battery than keeping it on. Takes a lot of juice to power up the OS and all the hardware on a mobile phone.

          • yeah right

            ummm no? my crappy old android would drain the battery after an hour or so if I left it on. turning it off and on gets me days between each charge… you are smoking something…

          • http://www.geeknik.com/ geeknik

            So what? Privacy is more important than battery life. =)

      • ChristopherHalbersma

        Not as hard as you might think.

      • MustBeSaid

        A phone that isn’t on isn’t a phone, it’s a useless hunk of plastic.

        • Whiz

          What? It’s still a phone.

    • joe Knight

      Orwellian society, “BIG ROTHER IS WATCHING” and listening!

      • techs

        nsa can use your webcam, microphone, smartphone (even when off but with battery in), listen to calls/text….i read that we knew Orwellian society will come soon and that we will be under surveillance but we didn’t expect it that we ourselves will be installing all equipments for BiG Brother.

      • Kusuriya

        well some one else put it well “The greatest deception will be for governments to get people to pay for their own tracking devices.”

    • Cliff Stamp

      Exactly. The very technology that has..or had…the potential to free us and inform us now will subjugate us and inform on us.

    • Bretware

      Just for the record, Stingray can not put malware on your phone. It can recover calls made/received/length, location data, phone and phone card metadata like IMSI and IMEI numbers.

      • Caption Oblivious

        yet all documents pretaining to STINGRAY are propriety intellectual property of HASERT the manufacturer.Any one using one has to sign a iron clad non-disclosure. That being onm the record, you likely have no idea what upgraded capabilities they may be shipped with or modifications made by unscrupulous 3rd parties.

      • Kyle Hamilton

        Stingray can perform “baseband” attacks, among other thing to force a listening device to connect to and route all communications to it instead of (perhaps higher-strength) non-Stingray towers. The baseband chip is an entirely different chip, running an entirely different OS, and that OS is almost never actually updated. In addition, it’s closed-source and not the easiest thing to reverse-engineer.

        The article references “baseband attacks”. These can perform memory corruption against the memory shared with the application processor. Unfortunately, it is well-documented how easy it is to perform them. We also know that NSA stockpiles 0-day vulnerabilities to use against targets and install malicious software.

        The NSA actually has a closed-source OS available on every phone (including open-source phone OSes). I’m not saying that it would it need to run anything on the application processor at all, if it edited the baseband image in memory that would stay running until the phone was de-powered entirely.

    • Oshiro

      So why do people keep saying that USA is a “free” country? Sounds more like a prison in reality.

    • Tyler

      StingRay is a mobile system (small and portable in cars) able to be used in very short distances by police in vehicles. It is quite obvious these towers were built by the US military for monitoring activity around said bases, likely for protection and to intercept nearby malicious/approaching signals. Why else would they be ON the military bases?

      • Scott Fredericks

        Why Else – to spy on the base, put up by intelegence agancies from other countries. But I agree probably US military.

      • Kyle Hamilton

        Stingray’s range is dependent on the transceiver it is connected to, I believe.

        The real question is, why would these towers be at South Point Casino in Las Vegas, which is as far away from Nellis Air Force Base as you can get in the Las Vegas Valley?

    • Jeff Schmidt

      The government never seems to understand that as soon as you create back doors into devices or software to allow the government in, you are absolutely allowing malicious bad actors to exploit the back door. Sooner or later, the black hats will figure out how to exploit the backdoor, and WILL do so for fun and profit.

      I, for one, wish we had a government more concerned with securing us than making us insecure.

  • Nitelite

    The cops are the ones running these towers. This is what Stingray is.

    • http://dharley.wordpress.com/ David Harley

      Possible but unproven.

      • Jim

        So was the NSA spying on US citizens two years ago. There has always been a void between what we “Know” and what is “proven”.

        Circumstantial evidence tells a much bigger story than evidence “Proves” in most cases.

  • boomin

    Trigger Fish Look it up

  • Bruce Lawrence Bergman

    Hey, ESET: Search up “Stingray cell phone monitor” with special attention to the news:comp.dcom.telecom Usenet newsgroup.

    The Feds have been doing it for years as well as certain Police Departments with deep pockets for buying toys. And they are very careful to keep the name out of court documents to avoid FOIA actions, and the manufacturers have managed to keep all the details secret and the repair and operating manuals classified too.

    But then again, these aren’t being used against Choirboys, so don’t give away too many details. Just the fact they exist is enough to worry.

    • http://dharley.wordpress.com/ David Harley

      A lot of respondents seem to be assuming that these ‘towers’ are physical installations, but you’re correct in suggesting that they could be portable devices. (I’ve no insider knowledge of this issue, but I’d be surprised if they weren’t.) However, the use of fake base stations isn’t restricted to law enforcement or government agencies, or to the US.

      • Cliff Stamp

        I have to wonder….how hard would it be for a foreign power to do something like this? It seems like it would be a bit crude for China or Russia…they have other means, but N. Korea? Just thinking aloud here. Not thinking along the lines of terrorists per se, rather true nations…or emergent nation states. Even a month or two of captured traffic would be invaluable….presuming the encryption could be cracked. Rambling. I need coffee.

      • bobdog19006

        Seems like I recall an article suggesting that law enforcement buys access to a private database that tracks cellphone surveillance. Part of the contract reads like the movie Fight Club. You don’t talk about it or you lose your access. I’m not sure if this is part of stingray or not, but I remember reading the article.

        One law enforcement agency that is known to be using Stingray is the city of Tacoma. Google “stingray cell phone tower”.

  • Ed_Luva

    Man, this is a great story. Is anyone working on getting all locations of the domestically placed intercept towers? This new security literacy being required of the American people is pretty complex, but it’s like living in a spy novel. I’m in!

    • http://dharley.wordpress.com/ David Harley

      As several people have pointed out, these aren’t necessarily static installations.

      • simplulo

        Has anyone tried surveilling the surveillors?

        • Mike Maus

          You are not catching the drift…these systems are sniffing for hackers and providing a publicly untraceable back door into smartphone data systems. Your communications are completely under the control of unknown agents for secret purposes if someone is willing to spend lots of money.

        • Bruce Lawrence Bergman

          ‘Watching the Watchers’ is a good idea, I have radio scanners and a Radar/LIDAR Detector. BUT you are a Krill that wants to go dancing with a Whale – They can make you disappear and never even notice they did it.

          You want to spend a few hundred grand on the specialized Cellular Spectrum Analyzer and Service Monitor gear to intercept the raw signals, and even more to get access to the lower-level data control signals they’re using for the hacks, you go right ahead.

          Better bank a bunch for bail and lawyers, too. Murphy’s Law of Combat: Tracers Work Both Ways. They’ll see it when you start poking around, just like Massachusetts Cops with their VG2 Radar Detector Detector.

  • tB

    So they sink tons of cash into the BS ‘War on Drugs’ but some assholes have the time & resources to build multiple towers in multiple places & got away with it & no one noticed multiple times? Something seems a bit off to me.No way this went down without someone getting paid off or knowing.. Where’s the NSA now? If they know so much how did they not catch or know of this, at least once.. or could it possibly be theirs?

  • http://www.ninzo.com/ Bob Dinitto

    They must belong to the NSA. Who else would have the authority and the secrecy to plant rogue cell towers all over the US? And who else would want to?

    • http://dharley.wordpress.com/ David Harley

      There’s no indication that they’re static installations, as far as I can see. Who else? How aboutr criminals? Mobile stations are certainly being used in various parts of the world by scammers.

      • Austin Smith

        Other than the picture used…might want to update it to alleviate the confusion that is where the indication is coming from.

        • http://dharley.wordpress.com/ David Harley

          Actually, that’s a good idea. I’ll pass that on, or maybe login and put a note to that effect when I have a moment.

          • http://dharley.wordpress.com/ David Harley

            Added a note. It will take some time for the amended version to propagate.

          • Austin Smith

            You should probably replace the image, your entire article reeks of an advertisement for this android phone company, you use an image that is intentionally misleading to drum up more interest with a title saying “fake cell phone towers…” then you leave a note demonizing people for using the information you intentionally put in an article even after many people told you that using that image was misrepresenting the situation and yet it stays..8 hours later.

      • Jim

        You may be correct that it is criminals, but knowing what NSA does openly now suggest that criminals would be caught quickly by NSA and other authorities (I call them criminals).

        Common sense strongly suggest otherwise.

  • Steve

    Start to dismantle one of the towers. The owners will show up soon enuff.

  • wil

    cut power to the tower and wait and see who shows up. mystery solved

    • http://dharley.wordpress.com/ David Harley

      Not if they’re mobile installations, as seems probable.

  • Skyler Wroblewski

    I Live in Nevada and was in the Nevada National Guard. I find it interesting that the nevada guard only uses the South Point Casino for events. Also, the F-22 & the Predator drone were partly developed in Las Vegas (Area 51).

    I believe these towers are used to track potential espionage attempts.

    • danny king

      The double-think is strong in this one.

    • http://remixedcat.blogspot.com RemixedCat

      LV is also used to TONS of hacker “conventions” as well

  • MoonSnack

    This isn’t good..

  • DigitalSmoke

    are there any of these in los angeles? locations?

    • http://dharley.wordpress.com/ David Harley

      We’re not connected with ESD. We don’t have that information. In any case, these probably aren’t permanent installations.

  • Adrian Martin

    I’d like a more independent source, they are telling us of a threat and selling us a solution in the same breath.

  • Johnny

    Installing more towers

  • notmyaltacc

    Tell us where they are damnit.

    • http://dharley.wordpress.com/ David Harley

      Rob Waugh is in the UK. I’m afraid he’s not in a position to go hunting fake towers in the US.

  • Sixteanine

    Scary. Zzzzzz

  • RickRussellTX

    Mystery? Reveal where they are, and somebody will have city and county ownership records, construction permits, easement permits and electric bills inside of a business day.

    • http://dharley.wordpress.com/ David Harley

      These are probably not static installations. Hopefully, the company that flagged them will have notified a responsible agency rather than just issuing a press release.

  • Jim pin

    This piece reads like an infomercial at times.

  • skad0000

    “What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.” says Goldsmith. “Whose interceptor is it? Who are they, that’s listening to calls around military bases? The point is: we don’t really know whose they are.”

    “I’m not saying it’s the military, but, it’s the military”

    • http://dharley.wordpress.com/ David Harley

      You know this because…?

      • Buckaroobonzai100

        occam’s razor

  • sam

    cut the power to these towers and question whoever shows up to fix them…one way to find out who they are

    • http://dharley.wordpress.com/ David Harley

      You’re assuming these are static installations. That isn’t necessarily the case.

      • fagtron

        ahhh commander Data, we’ve been looking for you, the captain needs you on the bridge

  • tom

    ‘merica land of the free home of the fake towers

  • Dumitru Alin

    apple owned i guess !

  • hans

    Dont these towers need to send their stolen information somewhere? Isn’t it easy to check where they send the information to?

    • Alex Johnson

      Oh I wish it were that simple. In the world of IT encryption is the name of the game and christ almighty it doesn’t get easier thanks to Moore’s Law. As as future SNA quite frankly I’m pissing my pants in regards to security and the issues the IT field face as well as myself included.

    • julius rosen

      not if its wired

  • http://mrkonc.com/ Konc

    Is there really any doubt that NSA is behind this?

    • http://dharley.wordpress.com/ David Harley

      Certainly there’s doubt as to who is behind it. Mobile kit of this sort is used all over the world by law enforcement, government agencies, and criminals.

      • Mike Maus

        “Criminals” would of course be users who law enforcement agencies don’t want to identify for private reasons like the blatant corruption of “Iran/Contra”, military communications security, banking system data security, or foreign espionage.

  • bedrockq

    Lol…an advertisement disguised as a news story. People lap it up. The NSA is a big deal…..for people looking to exploit the fear generated by it!

    • http://dharley.wordpress.com/ David Harley

      The story does rather read like an ad for Cryptophone 500, but that doesn’t mean there’s no truth in it. I’m seeing a lot of assumptions about the NSA in the comments to this story, but no evidence either way.

  • Gary M.

    Rob Waugh calling these groups of equipment “towers” AND posting a picture of an actual tower is idiotic. You’ll have some bubble heads thinking that they are physical antenna arrays somewhere in the open. They are not, in fact.

    If there were actual physical towers it would not be a problem at all to track the builders and the users.

    • http://dharley.wordpress.com/ David Harley

      Idiotic is putting it a little harshly. But yes, some commenters have made that assumption.

      • Pablo Cervantes

        Idiotic is harsh? When the lead off sentence is “Seventeen mysterious cellphone towers have been found in America which look like ordinary towers,” I’d say a bit misleading…

        • http://dharley.wordpress.com/ David Harley

          Misleading, certainly.

          • Bruce Lawrence Bergman

            Not terribly misleading – they started out as portable units the size of a desktop computer, but when they can be found reliably in the same fixed locations over time odds are it’s some sort of semi-permanent install with a utility power feed.

            In a large cabinet bolted to the back-side of a Digital Billboard disguised as part of the controls, inside a house or office suite with the antennas in the attic, etc. You could build an underground Controlled Environment Vault just like the Phone Company uses, but the locks on the hatch are different – Disguise the antennas as a “Micro-cell” on a nearby phone pole.

            Might be in a customized van or car, but they take too much power to be far from an outlet or running alternator for long.

          • b23h

            Wow, Mr. Bergman that’s quite an ability you have there. There is no doubt the statement “which look like ordinary towers” is deeply misleading. There is no indication that the “towers” are towers as physical objects as one normally uses the term and therefore the use of the word “look” is used only to mean that they are electronically indistinguishable from normal cell phone towers.

            Whether or not these objects are portable or not is irrelevant or what their power source is as the likelihood is that they look nothing like towers.

          • Bruce Lawrence Bergman

            The RF signals emitted by these ‘rogue cell towers’ look to the radio in your Cellphone like an ordinary tower by design – they are functionally blind, only listening to the data giving them commands.

            Physically there are no such restrictions on “What a cell site looks like”, you have to develop a sixth sense of picking out the little details of a building and going “That looks unusual”.

            You can only disguise an antenna array so far – they have to be up high with a clear shot in all directions, and a radio-transparent fiberglass cover if they’re imitating the building features in a “Bell Tower” or a suspiciously fat “Flagpole”. A trained eye can pick out most of the “Stealth Cell Site” style antennas. They can even be concealed inside large Neon Signs on buildings, behind the Plexiglas face.

            I’ve seen commercial cell sites built into Clock Towers, Water Towers (they put the vertical panel antennas as the posts along the “walkway” handrails) Fire Station Hose Drying Racks, Billboards, and permanent shopping center signs all over the place – If it’s on a high point and has a clear view of a mile of Freeway or major highway in all directions, it’s a valuable location.

            {EDIT: Oh, and Fake Pine Trees, Queen Palm and Date Palm Trees, and other greenery too. Works best when they plant a dozen real ones interspersed with the two or three fakes in a grove. But they have to keep the real ones pruned back or replaced often as they outgrow the steel ones.}

            But that doesn’t tell you whether that antenna array is a legit Cell Carrier install, perhaps a Business Band repeater system, TV or Radio Remote repeater, or other legit gear – or one of these Stingrays set up semi-permanent. You need some really fancy electronics like a “DC to Daylight” spectrum analyzer – or your own Stingray – to find that out.

            Or get up on the roof of the suspect building, where there’s a legally required warning sign telling you not to stand in front of the antennas without calling a certain phone number first – and the Cell Company will turn off the base station while you work. If you see antennas and don’t see that sign, be suspicious.

          • b23h

            ACK!! Keep in mind you stated that “Seventeen mysterious cellphone towers have been found in America which look like ordinary towers” IS NOT misleading. Whether or not all cell phone towers look like the standard cell phone tower, the use of the term LOOK to only designate certain aspects of functional equivalence ignores the common usage of vision for a connotation and a perspective from the cell phone. “Look like ordinary towers” is poorly written and misleading.

  • American Patriot

    Monitor these fake sites with a service monitor configured for W- CDMA/GSM, then look at the uplink and downlink signals. Most W-CDMA sites have baseband signals that are 3.84 MHz, wide. A fake tower site must also conform to industry standards, or they are of no use. Uplink frequencies are in the low 800 band, and downlink frequencies are in the upper 800 MHz. band to nearly 1.0 GHz. You can ignore the 900 ISM band completely, this is NOT used for any cellular systems in this nation.
    UHF in the 400-500 MHz. range is also not used. 700/800 is comprised of trunked radio sytstems, so you see a lot of data channels squawking here.
    Keep looking, the answers are there, you simply need to know where to look, and what to look for.

  • Ilya Simkhovich

    i really started to hope that the government was listening to the ambient sounds in my living room almost TEN YEARS AGO. i think it’s funny if they have to listen to the movies i watch; i obsess and can watch something religiously when i get home from school and begin to relax so they would have ended up listening to “scarface”, “goodfellas”, “the stoned age” or the entire series of “the sopranos”, “seinfeld”, “oz” or “the simpsons” several times. what does it matter? the NSA doesn’t care about ANYTHING lower than a national security issue; they don’t care if you are talking about drug deals or even low level felonies that the FBI would love to know about because the FBI isn’t allowed to spy illegally to find felons. NONE of you, even bill gates, elon musk or whatever have ANY reason to worry about being spied on. even if they ARE recording the sound of your room through the mic, compressed and sent to the tower, you’re flattering yourselves to think that they care to hear you arguing with your spouse about which grocery store to go to or what stupid television you watch. get a life. just because they’re spying doesn’t mean you should feel paranoid. it’s not a crime to stare at someone on the street; it’s really not that bad for them to be watching you all the time. you 30 cameras watching you in a walmart… grow up.

    • Jarod Sholtz

      What makes you think a human is listening?

      I have a free app on my phone that listens to a song, and within a few seconds tells me what song it is, and gives me the lyrics. And it does this in a crowded bar full of loud drunks. A fake tower intercepting cell signals could do the same thing, but scanning for different keywords. If it matches, the conversation might be sent to a human.

      Try saying something that the SS wouldn’t like in a phone call with someone, and see if they come knocking on your door. If they have to come all the way out to see you, chances are good that you won’t be treated kindly.

  • Mike

    Turn the power off to one of them and wait to see who comes to repair it !!

    • http://dharley.wordpress.com/ David Harley

      They may well not be static installations. A mobile base station can be suitcase-sized.

  • Richard Gibbard

    Why were these things developed?

  • mick

    sounds like our government to me ! you need special permits to put up cell towers which means they know who put them up there just being paid for their silence !

    • http://dharley.wordpress.com/ David Harley

      Not if they’re mobile installations, as seems likely.

  • Jay Briwn

    Is it bad that i don’t want to even google Cryptophone 500 to read more about what it is, even if i don’t want to buy one? Why does everything you do even with no ill intents have to be monitored?

  • Steve Low

    These fake base station are just typical interceptors a.k.a stingray, most vendors are only interested to sell to law enforcement or large corporation which are willing to pay a lot for it.

    Alternatively you can easily buy 1 from China(although the chinese government just banned public sale of these fake base station equipment recently, you can still easily source for one). Or if you are technically savvy enough, you can build 1 using some old motorola phones by using an open source baseband called OsmocomBB.

    The “CryptoPhone 500″…while I do not have the details of the product, you do not need any ultra secret phone to detect such fake base stations. If you have ANY samsung galaxy S3 phone, just install this “IMSI Catcher Detector” android app (https://github.com/SecUpwN/Android-IMSI-Catcher-Detector)

  • Jmdintpa

    DUH your very own US Government is doing it. Do you people really think you live in some free society. we are about as free as the ordinary russian. our government tells us what to eat , when to sleep, what to wear and what to watch on tv and the radio. the fear of terror after 9/11 pretty much did the country in. we gave up all freedom for fear. we have become so afraid i guess we really dont deserve to be free. we elected the people who put into place these towers, we elected a government who made the homeland security, we continue to elect people who only care of power and money. we really deserve all this because we allowed it.

    • Jim E

      You must be in prison. Nobody’s ever told me what to eat, when to sleep, or what to wear and nobody ever will.

    • Richard Kline

      “Our government tells us what to eat” really? How about some proof.
      “When to sleep” Really, so the government told me to sleep at 10:30pm last night after I was done reading the news.
      “What to wear” WRONG.. my wife tells me what to wear… LOL… oh… yeah, she’s a secret government clothing agent.
      “What to watch on TV/Radio” again… really? I have kids, I don’t get to watch TV. I hardly listen to the radio… oh… wait… I”m excercising free choice, but I’m actually being subliminally coerced into listening to the recording of the Chamber Choir I sing it… IT’S ALL A CONSPIRACY!

      “As free as the ordinary russian” Do you actually know any Russians? I do….. I get a different feeling from them…

      What a joke.

  • Richard Amodeo

    Being that they are located at or around military bases leads me to believe that they (the government) are trying to intercept any possible terrorist communications related to attacks and spying of military installations. That of course is just a guess but it makes sense because military installations contain things terrorist would be interested in.

  • citizenx

    A map with the locations of these towers should in the first sentence of this story.

    • http://dharley.wordpress.com/ David Harley

      No map. Quite possibly no static towers.

      • Cole

        they are mobile units normally, think a police stake out in a van listening to everything with huge dishes on top …these are basically vans that have installed software and hardware needed to intercept your voice/data and they can even ping back/upload keygen, viruses, spam, ect …they can keep getting your information this way using an online decoder that sends them transcripts of important sequences such as 16 digit CC numbers, bank numbers, if you purchase anything using your phone and it shows up on your bill they can steal the authorization key and charge money off your account and safely into a paypal account , that leads usually to a walmart prepaid card (GE Bank) , that is usually in a fake name…. Online/mobile security cost America around 20 billion per year, much more than all other types of theft combined. It’s a serious business with serious rewards and they are rarely caught, we don’t exactly have internet police so unless you pull string to get the FBI involved or they some how steal enough from one person to warrant the FBI’s involvement (like over 10 grand from one person, not several , one) then your local police are not trained to do anything about it. We need to form a new agency who governs these things but we can’t because that would require putting some legal standards on media,internet,data,and mobile usage and America already shot that down citing “don’t infringe on our Internet rights” when it had nothing to do with that. When this problem reaches closer to a few hundred billion maybe we will change our minds or maybe we will still btch about illegal immigration while ID thief’s bankrupt our country in ways even the most conservative, racist, obama hating person couldn’t imagine….The power of social media ruined something we could of solved years ago, OUR FREEDOM OF INTERNET SPEECH , lol nothing is free, either way we will pay.

  • http://dharley.wordpress.com/ David Harley

    You do know that I didn’t write the article?

    • jason

      I was referring to the collective ‘you’ of this site. My question was rather rhetorical seeing how you mentioned the author is in UK, and the only mentioned source is a cryptophone employee. Nice ad!

  • Reasonable assumption

    Doesn’t anyone ever consider the fact that the people most interested in who is making calls around military bases would be someone like China or Russia, and NOT our own country?

    Just because its in our country, doesn’t mean that our government did it. There are plenty of nations with the capabilities to do that. And to be honest, our government can care less about what 99% of us are doing every day, you’re just not that interesting and/or important.

  • winter32842

    My money is on NSA and CIA.

  • transmitterguy

    I’m a transmitter engineer and have noticed equipment “popping up” on previously vacated towers, with no specific signage of what they are. We were told that some towers have had a private internet antennas installed for banking use. Maybe these other towers are listening to the banks data?

  • Jim

    There may be even more of these than we think since they now make communication towers that look like trees.

  • Elected by the People

    It can cost up to a million dollars to build a cell site with all the logistics, equipment and personnel. The owners of the site is a matter of public record, the building has to be approved by a committee weather it is a state, city, county or tribal area. Tell me where these 17 cell towers are and I or anyone who knows how to the proper reseach which is not that hard as I said is public record and you will find out a little of who owns and pays for the land lease.

  • ThinkMn

    Who and what are their purpose? Simple NSA once again. Of course they’ll claim they only use them for legitimate reasons and within the limits of the law – most of the time.

    Time for me to upgrade my Android OS to the secure one obviously.

  • wkb123123

    The thing that just doesn’t add up…
    These are rogue, fake towers, supposedly constructed by scammers, with criminal intent, then why do we allow them to exist, to continue?

  • James Patrick

    The communication privacy laws are out dated, they were created before the age of the internet and smart phones, what this means is land lines have rights and cannot be tapped without a court order, however wireless cell phones and smart phones were not around to be included in those protection laws which means police and government agency’s can at any time access your phone remotely and monitor all you do with it

    Personally IDC if the powers that be want to intercept the lovey dovey messages and slightly inappropriate pics i send and receive let them get their jollies off I have nothing to hide and nothing worth stealing.

    I just believe they really should find something better to do with their time and technology than use our tax $$$ to fund their peeping tom tendencies

  • fisharmor .

    If you had a bazillion dollars in your lap and got told to go find terrorists, what are you going to do? Are you going to train and hire special ops teams to go overseas to places with 120 degree temperatures where there are actual terrorists, or are you going to stay home in your AC and invent some? One approach requires listening in on all phone conversations, and the other doesn’t.

  • ESD America

    The CP500 features a baseband firewall that detects changes in the cellular network. Additionally it can detect when someone trys to send any data to the device. The firewall can identify the difference between OS Activity and Baseband Activity. Please feel free to contact us with any questions. info@esdamerica.com

  • Snarkattack

    No one writes their legislators or votes (unless their guy is a sure winner) so we can do w/e we want. -authorities, criminals

  • me

    The Mexican cartels do this in Mexico. They create their own towers to have their own frequencies. Hope its not them though.

  • dfhd

    R U sure they aren’t Chinese?

  • Charles Batchelor

    It’s really a no brainer, NSA.

  • mel adrama-matic

    Just so you know. No special towers are needed. the actual cell towers can do all the fun stuff listed. as far as government tracking it’s people. FCC took care of that awhile ago. with the right radio equipment and know how anyone can assemble a similar device. for every technological convenience we gain, we are tet6hered to the grid. welcome to the matrix.

  • Andrew Godfrey

    “There have been many comments to this story from people who are assuming that these ‘towers’ are physical installations. There’s no reason to assume this is the case.”

    People are assuming that because in the first line of your article, you say:

    “Seventeen mysterious cellphone towers have been found in America which look like ordinary towers.”

    So, yeah. Get your story straight.

  • oregonlogger

    Wow…what a surprise…Bazinga!

  • Derryk Amiker

    It’s the Russians…..or Chinese they are out there watching listening and learning. Be afraid people

  • Bretware

    If there was one at the South Point Casino, it very well could be organization crime

  • Charles Dallas

    If we know they are fake towers just destroy them.

  • RampageBiking

    FBI/CIA/DEA/ICE/ETC have had installations in cellular towers for as long as I can remember. This is nothing new. Source- I have worked in wireless for 15 years and have had all the above in my wireless switch when they come to fix their broken crap.

  • Peter van Hoof

    I am not sure if these are factual but I would like to see a list of locations where they think these towers are. I am fairly sure that when accurate they will not remain published very long though.

    It is already virtually impossible to find out which company operates a specific tower, signal strength nearby is not always a good indicator.

  • Evan Langlois

    This is old information. The FBI admits to using these years ago http://www.wired.com/2011/11/feds-fake-cell-phone-tower/
    The article mentions that the government claims there is no expectation of privacy over the airwaves. However, general voice communications are encrypted, and according to the DMCA (which makes playing a DVD under Linux or other non-approved devices a federal offense) the decryption of data without permission is illegal. I would say that this constitutes an expectation of privacy because the privacy of that data is protected by federal law! I wonder if the EFF has gotten in on this. The ACLU already has. I encourage everyone to support both the EFF and ACLU because these places exist to fight exactly this sort of abuse.

    • Yo_Its_Me

      VERY HELPFUL LINK Evan, thanks!

  • Kris Shankar

    If you want to avoid being snooped on, should buy a Windows phone? Not enough of them out there for the NSA to go through the effort of putting up towers to snoop on them…

  • grant

    no doubt, it’s our over intrusive NSA at it again listening in on Americans.

  • FFdaisy

    I find out the ‘fake’ cellphone towers report in China, everyone can download it here:. But it’s in Chinese, wish who can translate it into English!

  • Evan Langlois

    PLEASE READ! It’s NOT a tower. Ignore the picture. Its a device that is detected by the phone as a tower. A tower “emulator”. Get it? You can’t walk up to it and pull the plug. It could be sitting in some guys trunk or in a van being driven around, or simply a tower to trace and route the cellular communications on a military base, which is VERY likely. The government stations wouldn’t be owned by Verizon or AT&T and wouldn’t be in the database of the app that is detecting the towers. No one is driving by a huge tower without an owner.

  • Markrod420

    Their purpose is only a mystery if you continue to refuse to acknowledge the clear evidence that we have no privacy from govt or private industry and no protection from their collusion together. However if you choose to accept the obvious reality, that our govt and large corporations are deeply corrupt and working against us, its quite clear where these towers came from and how they are being used.

  • RickRussellTX

    Mr. Harley, regarding the qualification you added to the article, why did you say:

    > Seventeen mysterious cellphone towers have been found in America which look like ordinary towers

    when, in fact, you have no idea what they look like? Why did you lead with the phrase “fake cellphone tower” and use a picture of a cell phone tower?

    • http://dharley.wordpress.com/ David Harley

      The article was written by Rob Waugh. I only added the clarification at the top.

  • Krasnaja Zvezda

    So if these rouge “towers” are 2 way, why not get a spectrum analyzer and track them?

    • mtent57

      They’re gray. If they were rouge they would be fairly easy to spot.

  • crolfe37@yahoo.com

    ok so lets figure it this way…i watched a movie one time and they used a frequencie that attacked the grid….they know of 17 of these towers as of the date of this post….what if only takes 28 scattered around this country to cause an emp causing total destruction of everything electrical in the united states as it was in the movie….they should destroy these towers not monitor them to see there purpose…after all they are illegal and are probably owned be a foreign country…a loss of our grid for only 30 minutes would allow terrorists and enemies of the us to enter our country undetected

  • WinstonSmith2012

    I suspect this may be very much ado about nothing. Mobile cell van supplements are used for capacity supplementation in high traffic areas and in emergency situations, like post-tornado or hurricane comm. It could be that the tendency for these vans to be located near military bases may be a “if it’s not deployed for an emergency, we might as well use it at its home station” philosophy, those vans being on the bases as part of some Homeland Security or FEMA emergency comm program.

    Cell on Wheels (COW)

    http://en.wikipedia.org/wiki/Cell_on_wheels

    • Geordie Schall

      Wrong. There should be much ado about intercepting phone calls and texts, because it is an unconstitutional breach of privacy. And illegal, for those of you that spit on the Constitution (that’s you, all you rightwing law-and-order nutjobs).

  • WinstonSmith2012

    Most likely much ado about nothing. The claimed (in the PopSci article) tendency for these to be near military bases probably means these are mobile cell systems for emergency comm associated with DHS or FEMA that are used while not deployed for training with constant operation also providing fully “burnt-in” and known to be fully operational systems to be deployed to an emergency area (ex., hurricane) while providing the added benefit of supplementing cell coverage in their area when not deployed. Google – Cell on Wheels (COW).

  • Garandy

    If they’re on military bases, they probably belong to the Cybersecurity arm of whichever service operates the base (For USAF, that’d be Cyber Command) – it’s entirely right and legal to monitor communications moving in and out of your bases as a means of investigating potential security leaks.

    • Jake Steele

      So a casino is part of what branch of the military?

  • James D. Haskell

    “[There have been many comments to this story from people who are assuming that these ‘towers’ are physical installations. There’s no reason to assume this is the case: it’s far likelier that they are mobile installations of the kind used not only by law enforcement and government agencies, but also by scammers and other criminals. (David Harley)]”

    David Harley, did you read the first paragraph?

    “Seventeen mysterious cellphone towers have been found in America which look like ordinary towers, and can only be identified by a heavily customized handset built for Android security – but have a much more malicious purpose, according to Popular Science.”

  • BlondeArrow

    Since the beginning of telecommunications, which both wireline and wireless, the ability to “eavesdrop” has ALWAYS existed. This began with the telegraph! If it wasn’t the “operator” who connected your calls (before switches were invented), it was the police or the FBI who were tracking suspects. Why did the US military recruit the Navajo Indians (i.e. “talkers”) to send messages in the Pacific vs the Japanese? The same “dangers” have always existed with the internet and e-mails. For some reason, many people want to believe that telecommunications, in this day and age, is different! It’s not. Let’s face it, if Russian hackers can access the private, encrypted, financial records of the major banks, why are people surprised that hackers can also access our personal communications?

  • sirald66

    If they are installed by military bases, two thoughts come to mind.

    Either they are foreign actors spying on the military.

    Or it is the military spying on its self — trying to ferret out moles.

  • w w

    Cut one of those towers down and you will find out who owns it real fast. Should be a lot of scrap metal in one of those things.

  • battling_ignorance

    Anybody know where the map of these locations is?

  • J or Jefe

    This story conveniently comes out two days after the huge celeb iCloud hackathon. Coincidence or no?

  • terry bigler

    So again technology turns on us,,but it is not technology it is the criminals that subvert it..Whether it be for monitary gain or political interest the outcome is roughly the same.Want to be secure ,,whisper in someone’s ear..Best idea is to put no personal information into the ether and keep your business to yourself.It would not surprise me that many of these “snooper towers” are brought to you by the NSA,who seem to want to know everything about everybody.The other alternative is to be so useless as to be a waste of those people’s time,In that respect I have succeeded.

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.