IMSI-catcher
An international mobile subscriber identity-catcher, or IMSI-catcher, is a telephone eavesdropping device used for intercepting mobile phone traffic and tracking location data of mobile phone users.Essentially a "fake" mobile tower acting between the target mobile phone and the service provider's real towers, it is considered a man-in-the-middle (MITM) attack. The 3G wireless standard offers some risk mitigation due to mutual authentication required from both the handset and the network.However, sophisticated attacks may be able to downgrade 3G and LTE to non-LTE network services which do not require mutual authentication.
IMSI-catchers are used in the United States and other countries by law enforcement and intelligence agencies, but their use has raised significant civil liberty and privacy concerns and is strictly regulated in some countries such as under the German Strafprozessordnung (StPO / Code of Criminal Procedure).[1][4] Some countries do not have encrypted phone data traffic (or very weak encryption), thus rendering an IMSI-catcher unnecessary.
International Mobile Equipment Identity
The International Mobile Equipment Identity or IMEI /aɪˈmiː/ is a number, usually unique, to identify 3GPP and iDEN mobile phones, as well as some satellite phones. It is usually found printed inside the battery compartment of the phone, but can also be displayed on-screen on most phones by entering *#06# on the dialpad, or alongside other system information in the settings menu on smartphone operating systems.
IMSI Number Explained
IMSI Catcher How it Works
At the same time, when a device connects to a cell tower, it authenticates to it via its International Mobile Subscriber Identity (IMSI) – but the tower doesn't have to authenticate back. ... IMSI-catchers collect the data on all phones within a certain radius and can listen on the calls of, again, all phones in that area.
Tapping a mobile phone
The IMSI-catcher subjects the phones in its vicinity to a man-in-the-middle attack, appearing to them as a preferred base station in terms of signal strength. With the help of a SIM, it simultaneously logs into the GSM network as a mobile station. Since the encryption mode is chosen by the base station, the IMSI-catcher can induce the mobile station to use no encryption at all. Hence it can encrypt the plain text traffic from the mobile station and pass it to the base station.
There is only an indirect connection from mobile station via IMSI-catcher to the GSM network. For this reason, incoming phone calls cannot generally be patched through to the mobile station by the GSM network, although more modern versions of these devices have their own mobile patch-through solutions in order to provide this functionality.
0 Comments:
Post a Comment