The Digital Frontier Basis (EFF) has launched a free, open-source software named Rayhunter that’s designed to detect cell-site simulators (CSS), also referred to as IMSI catchers or Stingrays.
Stingray gadgets mimic authentic cell towers to trick telephones into connecting, permitting them to seize delicate information, precisely geolocate customers, and probably intercept communications.
With the discharge of the Rayhunter, EFF seeks to offer customers the facility to detect these situations, permitting them to guard themselves and in addition assist draw a clearer image of the precise deployment scale of Stingrays.
How Rayhunter works
Rayhunter is an open-source software designed to detect Stingrays by capturing management site visitors (signaling information) between the cellular hotspot and the cell tower it’s linked to, however with out monitoring consumer exercise.
“Rayhunter works by intercepting, storing, and analyzing the management site visitors (however not consumer site visitors, corresponding to net requests) between the cellular hotspot Rayhunter runs on and the cell tower to which it is linked,” reads EFF’s announcement.
“Rayhunter analyzes the site visitors in real-time and appears for suspicious occasions, which might embody uncommon requests like the bottom station (cell tower) attempting to downgrade your connection to 2G which is susceptible to additional assaults, or the bottom station requesting your IMSI beneath suspicious circumstances.”
In comparison with different Stingray detection strategies that require rooted Android telephones and costly software-defined radios, Rayhunter runs on a $20 Orbic RC400L cellular hotspot machine (transportable 4G LTE router).
EFF selected this {hardware} for its testing of Rayhunter resulting from its affordability, widespread availability (Amazon, eBay), and portability, however notes that their software program may go effectively on different Linux/Qualcomm gadgets too.
Supply: EFF
When Rayhunter detects suspicious community site visitors, Orbic’s default inexperienced/blue display turns pink, informing customers of a possible Stingray assault.
The customers might then entry and obtain the PCAP logs saved on the machine to get extra details about the incident or use them to help forensic investigations.
For extra directions on tips on how to set up and use Rayhunter, take a look at EFF’s GitHub repository.
The EFF features a authorized disclaimer noting that the software program is probably going not unlawful to make use of in america. Nevertheless, earlier than trying to make use of this venture, it’s advisable to test with a lawyer to find out if it is authorized to make use of in your nation.
BleepingComputer has not examined Rayhunter and can’t assure its security or effectiveness, so use it at your individual threat.
