Detecting Cellular Interception via Commercial Android Apps


Published on 9th January 2018

Joseph S R de Saram (JSRDS)

Information Security Architect / Intelligence Analyst / Computer Scientist / Human Rights Activist / COMSEC / SIGINT / TSCM

HAVE FUN INSTALLING SNOOPSNITCH AND CELL MAP AND SEE WHAT IS ACTUALLY GOING ON AROUND YOU 🙂

Background

After the Manchester/Birmingham IP Address was identified accessing our infrastructure facilities in Autumn 2014:-

UK IP 193.129.103.99 - A One in 3.7 Billion Fraud

IN THE FOLLOWING ARTICLE, THE USER OF IP ADDRESS 193.129.103.99 APPEARS TO BE GOWLING WLG, ALTHOUGH THEY WERE KNOWN AS 'WRAGGE LAWRENCE & GRAHAM'...

As a result of their activities, and exercising my ‘Right of Private Defence’, I installed the following commercial Android Apps on our various devices from 2015 onwards.

Interestingly enough, an article from Wired Magazine dated 14 August 2017 also refers to them:-

Spies Could Outsmart Free Stingray-Detector Apps

Researchers tested their own stingray against five free Android apps. It beat them all...

but of course I was using them within the live operation against me and my team two years earlier.

Around 15,000 Screenshots

The Android applications which we chose underwent rigorous testing, and thousands of screenshots and logs were obtained over a period of more than a year. Applications were running continually on devices.

INTERESTINGLY THE EXISTENCE OF THE IMSI CATCHERS WAS ALSO OBSERVABLE BECAUSE OUR MOBILE DEVICES WERE GETTING HOT AND THE PHONES WERE GOING FLAT FAR QUICKER THAN BEFORE. IT HAPPENS BECAUSE OF CONTINUAL LOCATION UPDATES…

Having reviewed the information at the time and subsequently, it is clear that the apps, being used in the manner in which we were using them, gathered

FORENSIC EVIDENCE THAT MET AND/OR EXCEEDED THE BURDEN OF PROOF FOR A CRIMINAL CONVICTION AGAINST THE PERPETRATORS.

IN FACT THE APPS WERE MORE LIKELY NOT TO DETECT AN IMSI CATCHER THAN PRODUCE A FALSE POSITIVE. HOWEVER THE OTHER TESTS I CONDUCTED, SUCH AS THE ONE WITH THE CELLULAR JAMMER, ARE IRREFUTABLE AND A COMBINATION OF ALL OF THEM WINS HANDS DOWN.

How to Identify Cellular Interception via Pure Forensic Analysis

The video above is by Annie Machon, an ex-Intelligence Officer who worked for MI5. Annie is one of the few of us left who actually have Brains &...

I will explain the relevance of the evidence in a separate article as I am in the process of rewriting a number of them…

AIMSICD – Android IMSI-Catcher Detector

A fairly basic app which produced easy-to-understand visuals in relation to the existence of Base Transceiver Stations (fake or otherwise).

Android IMSI-Catcher Detector

AIMSICD is an Android app to detect IMSI-Catchers. These devices are false mobile towers (base stations) acting between the target mobile phone(s) and the real towers of service providers. As such they are considered a Man-In-The-Middle (MITM) attack...

CellularPrivacy / Android-IMSI-Catcher-Detector

Android-IMSI-Catcher-Detector - AIMSICD • Fight IMSI-Catcher, StingRay and silent SMS!...

The following video is a basic introduction:-

SnoopSnitch

Karsten Nohl is Chief Scientist at Security Research Labs. SnoopSnitch is one of their Android applications. It can be obtained from Google Play or directly from their site.

SnoopSnitch was the primary application we used to collect data in relation to IMSI-catchers and their presence. We used this information to direct us to the parties around us and capture the ‘physical manifestation of the CHIS’ on video.

SnoopSnitch

SnoopSnitch is an Android app that collects and analyzes mobile radio data to make you aware of your mobile network security and to warn you about threats like fake base stations (IMSI catchers), user tracking and over-the-air updates. With...

Cellular Data Reports from May 2017

Notwithstanding the disclaimers, the application is accurate because we tested around 10 other apps and they produced the same results in relation to the MNC / LAC / Cell ID.

Our focus was to obtain information on the locations of base transceiver stations rather than identify a specific intercept. Merely capturing the LAC and Cell ID of each BTS and confirming its absence from official lists was actually good enough. That, and then monitoring how the BTS followed us around Colombo, are two irrefutable aspects of our data collection.
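The two checks described above (a cell identity missing from a reference list, and the same identity turning up at widely separated places) can be run over logged observations. The following is an added example, not code from this article or from any of the apps named in it; the cell values, coordinates, reference list and the 5 km spread threshold are all constructed assumptions.

```python
import math
from collections import defaultdict

# Constructed reference list of (MNC, LAC, Cell ID); stands in for an official list.
KNOWN_CELLS = {(2, 1201, 40011), (2, 1201, 40012), (1, 3310, 5521)}

# Constructed observations: (time, MNC, LAC, Cell ID, latitude, longitude).
OBSERVATIONS = [
    ("2017-05-01T08:00", 2, 1201, 40011, 6.9271, 79.8612),
    ("2017-05-01T08:05", 2, 1201, 40011, 6.9290, 79.8630),
    ("2017-05-01T08:10", 2, 1201, 65001, 6.9271, 79.8612),
    ("2017-05-01T09:30", 2, 1201, 65001, 6.8650, 79.8997),
    ("2017-05-01T09:40", 1, 3310, 7777, 6.8650, 79.8997),
]

def haversine_km(p, q):
    """Great-circle distance in km between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*p, *q))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def review_cells(observations, known_cells, max_spread_km=5.0):
    """Return {cell: flags} for cells that are unlisted and/or seen too far apart.

    max_spread_km is an assumed, tunable limit on how far apart sightings of
    one fixed cell can plausibly be in a dense urban area.
    """
    sightings = defaultdict(list)
    for _ts, mnc, lac, cid, lat, lon in observations:
        sightings[(mnc, lac, cid)].append((lat, lon))

    findings = {}
    for cell, points in sightings.items():
        flags = set()
        if cell not in known_cells:
            flags.add("unlisted")      # absent from the reference list
        spread = max(haversine_km(p, q) for p in points for q in points)
        if spread > max_spread_km:
            flags.add("mobile")        # same identity observed far apart
        if flags:
            findings[cell] = flags
    return findings

if __name__ == "__main__":
    for cell, flags in sorted(review_cells(OBSERVATIONS, KNOWN_CELLS).items()):
        print(cell, sorted(flags))
```

A flag is only as reliable as the reference list and the GPS fixes behind it: newly commissioned or temporary legitimate sites also show up as unlisted, so each finding is a lead to corroborate against the other logs.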

[Report images, Page 01 to Page 07, not reproduced here]

Cell Map

Cell Map replaced AIMSICD as the primary visual mapping application during mid-2015 and we found it to be accurate in visual identification of vehicle mounted and/or rider-carried devices.

The forensic information obtained from SnoopSnitch coupled with our extensive experience with tracking the ‘Boobs on the Ground’ as agents for the ‘Foreign Actors’ by their dense behaviour made things a complete mess for the perpetrators.

Cell Map

Having trouble getting a signal? Want to know where your local cell towers are? Cell Map plots the location and strength of all the cell transmitters that your phone is connected to. Just move closer to one for a better signal! Cell Map can even...

Example of Using Cell Map to Confirm Triangulation in Sri Lanka

The Significance of Cellular Triangulation in Covert Surveillance Operations

Please add me to your connections and read other unusual articles relating to Information Security, Forensics, and Fundamental Human Rights...

Australian Police Also Destroy Rhodium Exculpatory Evidence

I refer to this article:- in which I stated that:- "Australia's general knowledge of Finance and Defence is extremely poor. I will write an article...

GSM Spy Finder

This was another application which we used, often to verify the IDs of [fake] Base Transceiver Stations.

GSM Spy Finder - Android app on AppBrain

GSM Spy Finder: Android app (4.1 ★, 100,000 downloads) → Simple and reliable program to detect activity of GSM Monitoring System equipment designed for active and...

G-Net Track Pro

A robust application which produced information including but not limited to MNC, LAC and Cell ID was G-Net Track Pro, from Gyokov Solutions.

Android OS UMTS/GSM/LTE/CDMA/EVDO Network Monitor and Drive Test tools

- G-NetTrack - G-NetTrack Pro - enhanced version of G-NetTrack with many more features - G-NetLog - same as G-NetTrack Pro, but without map support - suitable for devices without Google Play services installed G-NetTrack Pro and Lite feature ...

G-NetTrack

G-NetTrack Android OS application for mobile network monitoring G-NetTrack Screenshots G-NetTrack Features • Supported technologies: LTE/...

The following videos are useful:-

I will be writing a further article demonstrating more forensic evidence – stay tuned 🙂

RHODIUM GROUP