Saturday, November 9, 2024

Google on why you should disable 2G on your Android phone

Must read

SMS Blasters — which are also known as Stingrays, False Base Stations (FBS), and cell-site simulators — can be used by nefarious parties to “lure mobile devices to connect to them” and send fake text messages. One way to combat them is by disabling the insecure 2G connection on your Android device.

GSMA’s Fraud and Security Group (FASG) has developed a briefing paper for GSMA members to raise awareness of SMS Blaster fraud and provide guidelines and mitigation recommendations for carriers, OEMs and other stakeholders. The briefing paper, available for GSMA members only, calls out some Android-specific recommendations and features that can help effectively protect our users from this new type of fraud.

Google

Those fake messages, which are only possible over 2G, often perpetuate financial fraud, with increasing reports around the world of this in recent years. Attackers can easily fake the number that appears to make it seem like it’s from a known business. There are also reports of them being used to “disseminate malware, for example injecting phishing messages with a url to download the payload.”

SMS Blasters expose a fake LTE or 5G network which executes a single function: downgrading the user’s connection to a legacy 2G protocol. The same device also exposes a fake 2G network, which lures all the devices to connect to it. At this point, attackers abuse the well known lack of mutual authentication in 2G and force connections to be unencrypted, which enables a complete Person-in-the-Middle (PitM) position to inject SMS payloads.

These SMS Blasters, which can be portable, “are sold on the internet and do not require deep technical expertise” to use and localize. Compared to the SMS phishing (mass texts) you get today, this direct delivery “bypasses the carrier network and its anti-fraud and anti-spam filters, guaranteeing that all messages will reach a victim.”

Starting with Android 12, Google introduced the option to disable 2G, with Pixel phones being the first to adopt. Even with “Allow 2G” switched off, emergency calls are still possible.

This option, if used, completely mitigates the risk from SMS Blasters. This feature has been available since Android 12 and requires devices to conform to Radio HAL 1.6+.

On Pixel, search for “Allow 2G” in Settings app

Additionally:

Android also has an option to disable null ciphers as a key protection because it is strictly necessary for the 2G FBS to configure a null cipher (e.g. A5/0) in order to inject an SMS payload. This security feature launched with Android 14 requires devices that implement radio HAL 2.0 or above.

Another layer or protection Android provides is through Google Messages. The SMS client can “identify and block spam SMS messages.”

Android also provides effective protections that specifically tackles SMS spam and phishing, regardless of whether the delivery channel is an SMS Blaster

Google also has Verified SMS (with blue checkmarks in the conversation) for business communication, Safe Browsing, and Play Protect

FTC: We use income earning auto affiliate links. More.

Latest article