Rayhunter: IMSI Catchers We Have Found So Far
18 hours ago
- #open-source
- #privacy
- #surveillance
- Rayhunter is an open-source tool designed to detect cell-site simulators (CSS), used by police to locate or identify cell phones.
- The tool has seen significant community engagement, with thousands of installations and numerous contributions from users.
- Rayhunter analyzes cellular handshakes to detect behaviors consistent with CSS and alerts users when potential evidence is found.
- No evidence has been found of CSS being used to spy on protests in the US, though they have been detected in other contexts.
- Possible reasons for the lack of CSS at protests include warrant requirements, high costs, and the availability of easier surveillance tools.
- Alternative surveillance methods include license plate readers, location data brokers, forensic extraction tools, geofence warrants, facial recognition, and tower dumps.
- Recommendations for protection include turning off location services, using strong passwords, wearing masks, and using airplane mode or Faraday bags.
- Rayhunter has successfully detected CSS in non-protest scenarios, such as at a cruise port and in cities like Chicago and New York.
- The tool's detection engine has been tested against commercial CSS, with successful detection of all attacks.
- Future goals for Rayhunter include expanding international testing and refining detection signatures for global use.