Imagine a telecom intrusion so subtle it requires no password, no backdoor, and no malware. Just a piece of hardware that pretends to be a mobile base station—and mobile phones willingly connect to it. . Rogue base station attacks, also known as false base station attacks, pose a significant threat to the privacy and security of mobile users. To motivate our research, we empirically show that such a fake base station can cause an indefinite hold of the user equipment's connectivity using our. . The Swiss NCSC believes a fake base station is being used for a typical SMS blaster scam while South Korea's government believes a base station was used to intercept 2FA SMS messages meant for the victims of a recent fraud. Though efforts have been made to defeat this threat, up to this day, the presence of FBSes and the multi-step attacks (MSAs) stemming from them can lead to unauthorized surveillance. .
[PDF Version]
