Full Report
Graham warns why it is high time we said goodbye to 2G - the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once. Meanwhile, Carole unpacks a painfully awkward tale of amour fou, as a 76-year-old Belgian man drives 476 miles to meet his dream woman... only to be greeted by her very-much-still-husband at the gate. Plus: Sky Arts painting competitions get a thumbs up, Mark Zuckerberg never loses at board games, and the scandalous Facebook memoir Meta tried to silence. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Analysis Summary
# Main Topic
Cybercriminals are actively exploiting the outdated 2G mobile network infrastructure to conduct large-scale phishing (smishing) campaigns using portable, suitcase-sized SMS blasting equipment.
## Key Points
- The 2G network is highlighted as a high-risk vulnerability due to its age and susceptibility to exploitation.
- Attackers are deploying mobile SMS blasting tools—described as "suitcase-sized"—to indiscriminately send phishing texts to thousands of potential victims concurrently.
- This method of attack has been observed globally, specifically mentioning incidents in New Zealand, London, and Bangkok.
- The attacks are characterized by threat actors driving around cities (likened to "dodgy Uber drivers") while operating the blasting equipment, suggesting a mobile, on-the-move capability.
- The exploitation of 2G networks may involve fake base stations or similar technology to facilitate mass texting or intercept legacy traffic; this is implied by the 2G vulnerability discussion rather than stated outright.
## Threat Actors
- **Cybercriminals/Scammers:** General attribution for those deploying the SMS blasters.
- **Organized Groups/Individuals:** Specific operational examples include:
  - A teenager arrested in New Zealand for a "smishing scam" involving previously unseen technology (Operation Orca).
  - Threat actors busted in Bangkok utilizing an SMS blaster from a van, sending one million scam texts.
## TTPs
- **Mass SMS Phishing (Smishing):** Primary technique involving the mass distribution of fraudulent text messages designed to trick recipients.
- **Mobile Infrastructure Abuse:** Use of portable, suitcase-sized equipment (SMS blasters) to send high volumes of messages to devices within a geographic area.
- **Mobile Deployment:** Operators drive around urban areas to carry out the attacks, potentially leveraging proximity or mobility to avoid detection or maximize reach.
- **Exploitation of 2G:** Leveraging the inherent security weaknesses in the 2G cellular protocol.
## Affected Systems
- Legacy mobile devices and infrastructure relying on the 2G cellular network standard.
- Mobile users targeted through SMS messages (Smishing).
- Mobile users in the locations of recent incidents, including New Zealand and Thailand.
## Mitigations
- **Decommissioning 2G:** The primary recommended long-term solution is phasing out the outdated 2G network infrastructure.
- **User Awareness:** General warning issued to the public about rising SMS scam incidents.
- **Device Security:** Recommendations exist (referenced from Google Security blog) for keeping Android devices safe from text message fraud, suggesting vigilance against suspicious links in texts.
## Conclusion
The exploitation of the legacy 2G network presents a current and scalable threat via mobile SMS blasting operations. While specific IoCs such as malicious URLs are not detailed in the source, the critical takeaway is the need to address the underlying vulnerability of the 2G infrastructure and enhance user education regarding smishing tactics employed by geographically mobile attackers. Monitoring for mass text campaigns originating from suspicious mobile vectors is advised.