this post was submitted on 02 Sep 2025
103 points (97.2% liked)

Cybersecurity

8226 readers
116 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago
MODERATORS
kid@sh.itjust.works
Lanky_Pomegranate530@midwest.social
103
My Pixel 10 warned me 8 times in 30-minutes that there was a rogue connection made. Deeply concerning (feddit.online)
submitted 1 day ago by Jerry@feddit.online to c/cybersecurity@sh.itjust.works
64 comments fedilink hide all child comments
 

I have a #Pixel 10 Pro XL phone, which may be the first phone to give warnings when the phone connects to a rogue cellphone tower or IMSI catcher. The OS cannot block it; it can only tell you that someone read information, and it presents an alert. It says,

"Your data may be at risk. Device ID accessed. At 6:57 PM a nearby network recorded your device's unique ID (IMSI or IMEI) while using your T-Mobile SIM. This means that your location, activity, or identity has been logged."

I didn't ever get an alert before walking through the building, but this time, during a 30-minute walk through the building, I got about 8 alerts, ranging between 1 and 3 minutes apart.

Using this information from repeated connections, someone can follow my movements and location; they can identify it's me because the IMSI number is unique to my phone, so it can be an indication that someone was collecting all the cellphone information in the area, most likely law enforcement.

It can also mean that I was connecting to a rogue cell phone tower, not just an IMSI catcher, and it was an attempted Stingray attack, likely also law enforcement. If successful, they can try to see and hear what I'm doing on my phone, as my phone won't know that it's a fake cellphone tower.

Be aware that a rogue tower will try to negotiate your phone's connection down to a 2G connection, which is unencrypted, providing them with access to everything that you are doing and saying. Please go into your phone's settings and disable 2G!!

It's been believed for some time that this technology has been used by law enforcement secretly and consistently. This is creepy and unnerving.

Turning off the phone, by the way, doesn't stop an IMSI catcher. Your phone still responds. You need to keep the phone in a Faraday bag if you're really concerned.

It's a good thing that phones are now starting to inform people that they are being watched and that people will begin to see how much of an issue this is. You can assume that your local law enforcement knows where you are all the time.

top 50 comments
sorted by: hot top controversial new old
[–] lurch@sh.itjust.works 5 points 16 hours ago (1 children)

IMSI catchers / rogue cell towers do not work with switched off phones or in airplane mode. Source: https://shop.mobilen.com/everything-you-need-to-know-about-imsi-catcher-detector/

[–] Jerry@feddit.online 0 points 16 hours ago* (last edited 16 hours ago) (2 children)

Seems to depend on what you read: https://godarkbags.com/blogs/news/imsi-catchers-the-hidden-threat-to-your-mobile-privacy-and-how-to-stop-them

Quote:

Can I Be Tracked With My Phone Off?

Yes, even when your phone is turned off, it’s not entirely inactive. The radio system, controlled by a separate subsystem called Baseband, can still transmit signals. This design allows for features like remote device tracking but also means that simply turning off your phone doesn't protect you from IMSI catchers. Using a Faraday bag completely isolates your device from any external signals, providing robust protection.

The most effective defense against these threats is to block the signals that IMSI catchers rely on. This is where Faraday bags come into play. These specially designed bags create a barrier that prevents radio waves from reaching your device, effectively neutralizing IMSI catchers and other surveillance tools.

[–] Aganim@lemmy.world 8 points 15 hours ago (1 children)

I'd recommend searching for other sources to corroborate that story. A website selling Faraday bags telling you that you really need a Faraday bag is hardly a reliable source.

[–] Jerry@feddit.online 4 points 15 hours ago

It doesn't mean they are wrong. Anyway, here:

"Based on documents leaked by Edward Snowden, the National Security Agency (NSA) had already developed a technique in 2004 to locate cell phones even when they were turned off, called “The Find”, mostly used to locate terrorist suspects [36]. This was accomplished through the use of IMSI catchers, which could wirelessly send a command to the phone’s baseband chip to fake any shutdown and stay on [37]. The phone could then be instructed to keep just the microphone on, in order to eavesdrop on conversations, or periodically send location pings. The only hint that the phone was still on was if it continued to feel warm even though it had been shut off, suggesting that the baseband processor was still running. IMSI catchers used by London’s Metropolitan Police are also reportedly able to shut down targeted phones remotely [38]."

https://www.cis.upenn.edu/wp-content/uploads/2019/08/EAS499Honors-IMSICatchersandMobileSecurity-V18F.pdf

[–] lurch@sh.itjust.works 1 points 13 hours ago* (last edited 42 minutes ago)

That's not a normal thing, but you're right. I can't rule it out. Some phones may stay connective when off. It may require someone to tamper with them beforehand; maybe remotely while they were still on.

I read this patent at Google https://patents.google.com/patent/EP2680182A1/en and if it's not snakeoil, monitoring the power consumption of phone components seems like a good detection method.

[–] lurch@sh.itjust.works 3 points 17 hours ago (1 children)

they only know your phone is there, not that it's you. they also need to triangulate your position to know it more exactly than "it's in range", which requires special hardware with an extra antenna

[–] Jerry@feddit.online 3 points 16 hours ago

They can triangulate from the 8 readings that they did and know my location. They also know it's T-Mobile and they can subpoena T-Mobile and Google to get the information (the IMSI code will identify the dealer) to identify who bought the phone and what phone account pays for the service.

[–] y0din@lemmy.world 29 points 1 day ago (1 children)

It could also be something less alarming, like cellular repeaters inside the building. Many buildings use these to boost indoor coverage when concrete and steel block signals from outside towers, and that might explain why your phone flagged multiple connections so quickly. I’m not ruling out the possibility of a rogue tower or IMSI catcher, but it’s worth considering that the alerts could simply be repeaters being picked up by this new warning feature. Either way, it’s good that your phone is making you aware — at least now you know when unusual connections happen.

[–] Jerry@feddit.online 3 points 21 hours ago (1 children)

A cell phone repeater is a passive device. It just extends the range of an existing signal. They don't act as cell towers. They don't read information from the phone.

[–] y0din@lemmy.world 5 points 14 hours ago* (last edited 13 hours ago)

That’s true for some types of signal boosters, especially the simple passive ones. But many building systems aren’t just passive repeaters — they use distributed antenna systems (DAS) or active repeaters that re-broadcast the signal from outside towers. From the phone’s perspective, those can sometimes look like a new connection point, even though they’re not rogue towers reading data.

So while your point is absolutely right that a normal repeater doesn’t act as a tower or capture phone info, the way modern indoor coverage solutions are implemented can still trigger the same kinds of warnings. That’s why it can be hard to tell apart a harmless booster from something more suspicious.

More information about DAS systems and cellular repeaters, and how they differ, if you’re interested:

🔗 https://en.m.wikipedia.org/wiki/Distributed_antenna_system

🔗 https://en.m.wikipedia.org/wiki/Cellular_repeater

(edit, added Wikipedia links)

[–] frank@sopuli.xyz 7 points 23 hours ago (1 children)

Turning off the phone doesn't stop it? How does it reply?

I'm assuming pulling my (Fairphone) battery out would kill it dead?

Creeeeeeepy

[–] lurch@sh.itjust.works 4 points 16 hours ago (1 children)

It does not reply. It doesn't work when off or in airplane mode.

[–] peoplebeproblems@midwest.social 5 points 22 hours ago

Even better, that means we can locate them.

[–] Deebster@infosec.pub 18 points 1 day ago* (last edited 23 hours ago) (2 children)

If you switch off 2G, bear in mind that it might be your only option to send emergency calls when otherwise out of signal. Remembering how to switch it back on (or even that you'd switched it off) might not be feasible when you need it!

edit: phone typos

[–] spaghettiwestern@sh.itjust.works 7 points 1 day ago (1 children)

US carriers have supposedly decommissioned 2G completely as of February of this year according to Google:

Carrier shutdowns: All major U.S. carriers have shut down their 2G networks. AT&T completed its shutdown in 2017, Verizon in 2020, and T-Mobile (the last major holdout) by early 2025.

[–] Onomatopoeia@lemmy.cafe 7 points 1 day ago (2 children)

2G is shutdown for consumers, it still exists for commercial systems that use it for data reporting (thing gas lines, remote monitoring systems, etc).

Now I don't know what that means for our phones, or which towers still have it. I suspect any consumer phone will simply never be able to connect via 2G,but the tower would still see the phone on 2G.

load more comments (2 replies)
[–] Jerry@feddit.online 13 points 1 day ago (1 children)

According to the documentation, turning off 2G will not block emergency calls. But, yeah, having said this, definitely, it's best to remember how to switch it back on, just in case.

[–] jewbacca117@lemmy.world 9 points 1 day ago (1 children)

Can confirm. The Setting on my Pixel 7 says "Emergency calling is always allowed"

[–] WhyIHateTheInternet@lemmy.world 7 points 1 day ago (1 children)

I'm illiterate to these things sort of... So don't harangue me for this but doesn't that imply that the connection is always on wether you disabled it or not? Would not outgoing imply incoming as well?

Just curious, again, I have no idea.

[–] jewbacca117@lemmy.world 6 points 1 day ago

As I understand your phone will ignore 2G requests unless it's an emergency call. Now, you mentioned these suspicious towers will try to downgrade to 2G, which should also be ignored.

[–] thegr8goldfish@startrek.website 12 points 1 day ago (1 children)

Found and updated the avoid 2g setting on my Pixel 6. I am running android 16.

[–] boatswain@infosec.pub 8 points 1 day ago (4 children)

Where was it? Haven't find it on mine

[–] dgilbert@lemmy.ca 3 points 17 hours ago

For me it was in my SIM card settings: Network & Internet > SIMs > .

Bottom option was a toggle for "2G network protection".

[–] ArcaneSlime@lemmy.dbzer0.com 9 points 1 day ago (1 children)

Network and internet>internet>settings button next to carrier>scroll to bottom

[–] boatswain@infosec.pub 4 points 17 hours ago

Thanks!

load more comments (2 replies)
[–] Kolanaki@pawb.social 14 points 1 day ago* (last edited 1 day ago) (1 children)

It tries to force you down to 2G

Oh shit... Could this be why my phone seemingly randomly switches to 2G/LTE? It always seems to happen in the same places, and never for more than a minute or two.

[–] sunzu2@thebrainbin.org 5 points 1 day ago

No way to tell but the best practice is to keep your phone LTE or 5g only.

I had a discussion recently on here about it.

My understanding is LTE is best since it can't be used to exact positioning and saves battery.

However apparently it has its own security vulnerability that 5g fixed. However 5g can literally expose your special position.

Either way never prrmits 2g/3g that's just fish bowling.

[–] Chozo@fedia.io 8 points 1 day ago (5 children)

That's fucking creepy, and I've got a feeling that we're going to see a lot more of this going forward, too.

Are there any known ways to detect or interfere with Stingray devices? I know that in the US, police often use these devices illegally, without the necessary warrants, so sabotaging these devices is a just and moral decision.

[–] Jerry@feddit.online 5 points 21 hours ago

In the U.S. it's illegal to do anything that would interfere with these devices because it also cuts off emergency services. Sort of like using a hospital to store weapons during a war?

load more comments (4 replies)
[–] Corkyskog@sh.itjust.works 6 points 1 day ago (7 children)

I don't seem to be able to even disable it on this phone.

[–] x1gma@lemmy.world 4 points 1 day ago

https://github.com/undergroundwires/privacy.sexy/discussions/359

The setting toggle seems to be available since Android 12, but not all vendors seem to have implemented it. There are instructions in the linked GitHub issue that seem sane.

load more comments (6 replies)
[–] Kirk@startrek.website 5 points 1 day ago (1 children)

What app is providing this service for you?

[–] Jerry@feddit.online 9 points 1 day ago (2 children)

It's a new feature in Android 16, but older phones don't have the hardware to support it.

load more comments (2 replies)
load more comments
view more: next ›