Cell phone signal suddenly drops to 2G, so be wary of criminals "taking things from a distance"

  Xinhua News Agency, Beijing, October 18th Title: Stealing the verification code, swiping the bank card and maliciously deducting the phone bill … … Beware of the crime of SMS sniffing.

  Xinhua News Agency "Xinhua Viewpoint" reporters Yan Zhihong, He Fan and Xu Ru

  In the early morning, I suddenly found that the mobile phone signal dropped from 4G to 2G, and received all kinds of SMS verification codes from banks, Alipay and mobile companies. Subsequently, the bank account was emptied, the balance of Alipay was transferred away, and the mobile phone automatically ordered a bunch of useless value-added services … … This is not a scene in science fiction movies, but an illegal infringement of mobile phone users by SMS sniffer devices in the real world.

  Recently, there have been many cases of stealing money by using SMS sniffing technology in many parts of the country, some of which involve more than one million yuan. A survey by Xinhua Viewpoint reporter found that some lawless elements peddled relevant technologies and equipment through social networks.

  Criminals use sniffing technology to "take things from a distance" and SMS verification code is also robbed.

  In August this year, a Sina Weibo netizen reported to the police and related financial institutions: from 2 am to 5 am, the mobile phone received more than 100 SMS verification codes from financial institutions such as Alipay, JD Finance and Bank, and all the balances in related accounts and bound bank cards "evaporated out of thin air".

  Afterwards, it was identified by security technical experts, and it was considered as a typical case of property infringement by using SMS sniffing technology. According to He Yanzhe, a technical expert from China Institute of Electronic Technology Standardization, short message sniffing technology is to get the short message content of users by implanting mobile phone Trojans or setting up pseudo base stations without affecting the normal reception of short messages by users, including short message verification codes from banks, third-party payment platforms and mobile operators.

  According to an industry insider, in addition to stealing funds from users’ financial accounts, SMS sniffing technology can also intercept the verification code sent by mobile operators to mobile phone users, which can be used to handle various value-added deduction services, thus stealing phone bills from mobile phone users.

  According to public reports, recently, related cases have been cracked in many places across the country: in July, the public security organs in Xinxiang, Henan Province cracked a case of using SMS sniffing technology to buy virtual goods from other people’s financial accounts and arrested 10 suspects; In August, Xiamen police cracked a case of using SMS sniffing technology to steal other people’s financial accounts and arrested one suspect, involving more than 100,000 yuan. Also in August, Shenzhen police busted a full-chain bank card stealing gang, arrested 10 suspects, seized 6 sets of electronic equipment such as pseudo base stations, and cracked more than 50 similar cases, involving more than one million yuan.

  Reporter’s unannounced visit: social networks sell sniffer equipment software, claiming that "the package will be taught"

  Where did these illegal devices come from? The reporter searched on the Internet and social software and found a large number of sniffer device trading posts and exchange groups.

  In a Baidu Post Bar named "Sniff it", many sellers not only introduce the sniffing function and leave contact information such as QQ and WeChat, but also often share some screenshots of successfully intercepting short messages to induce others to buy related equipment.

  According to the guidance of a trading post, the reporter added QQ users with the tail number of 0960. The other party said that it only takes 8,500 yuan to sell the full set of equipment and software for stealing phone bills to reporters, and the related equipment for stealing Alipay account balance needs 20,000 yuan. In order to dispel the reporter’s concerns, the other party even said that it could verify the performance of the equipment at the startup site of the express outlet through the courier company’s "cash on delivery", and promised to pass the stupid tutorial "guarantee the teaching package".

  A seller selling equipment told reporters that they have a special studio, some are responsible for making hardware and some are responsible for software programming.

  Some sellers reminded reporters to abide by the "rules". For example, when stealing other people’s phone bills, the maximum amount of phone bills stolen in one day cannot exceed 3,000 yuan.

  There are also sellers who sent a large number of photos and videos to reporters, proving that the equipment sold is true and reliable. In a video image, the sniffing equipment is running, and the other party also demonstrates how to operate the software, and successfully intercepts a short message verification code from UnionPay.

  Experts suggest that operators should speed up the elimination of 2G network technology, and financial institutions should strengthen multiple verification of security factors.

  What laws and regulations are violated by illegally buying, selling and using SMS sniffer equipment? Lawyer Zhang Yiteng of Fujian Yingkun Law Firm believes that the illegal production, assembly and sale of "pseudo base station" equipment may constitute the crime of illegal business operation because the seller has not obtained the qualification of telecommunication equipment network access license without the approval of the relevant competent authorities.

  If the purchaser sets up or uses a radio station or radio frequency without authorization, which interferes with the radio communication order, causing the public telecommunication facilities to be interrupted to varying degrees, so that an unspecified majority of individuals cannot carry out communication activities normally, his behavior may constitute the crime of destroying radio and television facilities and public telecommunication facilities and disturbing the radio communication management order.

  In addition, if the user commits the act of stealing bank cards, it may constitute theft and credit card fraud at the same time.

  He Yanzhe said that SMS and call information under the 2G channel are transmitted in clear text. In order to successfully hijack signals and complete SMS sniffing, criminals sometimes interfere with 3G and 4G signals, forcing users to "reduce the dimension" to the status of 2G networks.

  Yu Yun, head of Tencent Security Xuanwu Lab, suggested that users can ask operators to turn on the VoLTE function (a data transmission technology) so that short messages can be transmitted through the 4G network to prevent wireless monitoring from stealing short messages.

  Yu Yun said that there is a "impossible trinity" in the field of network security, that is, it is impossible to achieve three elements of security, convenience and cheapness at the same time. Judging from the case that SMS sniffing technology steals other people’s financial accounts, at present, the "two-factor security authentication" based on account login password and SMS verification code, which is adopted by most financial institutions, is convenient, but there is a risk of failure in this environment.

  He Yanzhe and other industry experts suggest that communication operators should consider speeding up the elimination of 2G network technology to ensure that users’ short messages and call content are not intercepted and stolen by others. In addition, experts suggest that financial institutions, including banks and third-party payment platforms, should strengthen multiple verification of security factors and introduce more perfect and reliable verification methods in the case of loopholes in "two-factor security authentication".