The Digital Frontier Basis (EFF) has launched a free, open-source device named Rayhunter that’s designed to detect cell-site simulators (CSS), also called IMSI catchers or Stingrays.
Stingray gadgets mimic reputable cell towers to trick telephones into connecting, permitting them to seize delicate information, precisely geolocate customers, and doubtlessly intercept communications.
With the discharge of the Rayhunter, EFF seeks to present customers the facility to detect these cases, permitting them to guard themselves and likewise assist draw a clearer image of the precise deployment scale of Stingrays.
How Rayhunter works
Rayhunter is an open-source device designed to detect Stingrays by capturing management visitors (signaling information) between the cell hotspot and the cell tower it’s related to, however with out monitoring consumer exercise.
“Rayhunter works by intercepting, storing, and analyzing the management visitors (however not consumer visitors, corresponding to internet requests) between the cell hotspot Rayhunter runs on and the cell tower to which it is related,” reads EFF’s announcement.
“Rayhunter analyzes the visitors in real-time and appears for suspicious occasions, which might embrace uncommon requests like the bottom station (cell tower) attempting to downgrade your connection to 2G which is weak to additional assaults, or the bottom station requesting your IMSI beneath suspicious circumstances.”
In comparison with different Stingray detection strategies that require rooted Android telephones and costly software-defined radios, Rayhunter runs on a $20 Orbic RC400L cell hotspot gadget (moveable 4G LTE router).
EFF selected this {hardware} for its testing of Rayhunter on account of its affordability, widespread availability (Amazon, eBay), and portability, however notes that their software program may match nicely on different Linux/Qualcomm gadgets too.
Supply: EFF
When Rayhunter detects suspicious community visitors, Orbic’s default inexperienced/blue display turns crimson, informing customers of a possible Stingray assault.
The customers could then entry and obtain the PCAP logs saved on the gadget to get extra details about the incident or use them to assist forensic investigations.
For extra directions on set up and use Rayhunter, try EFF’s GitHub repository.
The EFF features a authorized disclaimer noting that the software program is probably going not unlawful to make use of in america. Nonetheless, earlier than trying to make use of this venture, it’s advisable to examine with a lawyer to find out if it is authorized to make use of in your nation.
BleepingComputer has not examined Rayhunter and can’t assure its security or effectiveness, so use it at your individual danger.
