The Digital Frontier Basis (EFF) has launched a free, open-source software named Rayhunter that’s designed to detect cell-site simulators (CSS), also called IMSI catchers or Stingrays.
Stingray units mimic reputable cell towers to trick telephones into connecting, permitting them to seize delicate information, precisely geolocate customers, and probably intercept communications.
With the discharge of the Rayhunter, EFF seeks to offer customers the facility to detect these cases, permitting them to guard themselves and likewise assist draw a clearer image of the precise deployment scale of Stingrays.
How Rayhunter works
Rayhunter is an open-source software designed to detect Stingrays by capturing management site visitors (signaling information) between the cellular hotspot and the cell tower it’s related to, however with out monitoring person exercise.
“Rayhunter works by intercepting, storing, and analyzing the management site visitors (however not person site visitors, similar to internet requests) between the cellular hotspot Rayhunter runs on and the cell tower to which it is related,” reads EFF’s announcement.
“Rayhunter analyzes the site visitors in real-time and appears for suspicious occasions, which may embrace uncommon requests like the bottom station (cell tower) attempting to downgrade your connection to 2G which is weak to additional assaults, or the bottom station requesting your IMSI underneath suspicious circumstances.”
In comparison with different Stingray detection strategies that require rooted Android telephones and costly software-defined radios, Rayhunter runs on a $20 Orbic RC400L cellular hotspot machine (moveable 4G LTE router).
EFF selected this {hardware} for its testing of Rayhunter as a consequence of its affordability, widespread availability (Amazon, eBay), and portability, however notes that their software program may go nicely on different Linux/Qualcomm units too.
Supply: EFF
When Rayhunter detects suspicious community site visitors, Orbic’s default inexperienced/blue display turns crimson, informing customers of a possible Stingray assault.
The customers could then entry and obtain the PCAP logs stored on the machine to get extra details about the incident or use them to assist forensic investigations.
For extra directions on easy methods to set up and use Rayhunter, try EFF’s GitHub repository.
The EFF features a authorized disclaimer noting that the software program is probably going not unlawful to make use of in the USA. Nonetheless, earlier than making an attempt to make use of this venture, it’s advisable to examine with a lawyer to find out if it is authorized to make use of in your nation.
BleepingComputer has not examined Rayhunter and can’t assure its security or effectiveness, so use it at your individual danger.
