Cathal Mc Daid
Science, Security, Sports.
Mar 6 12 tweets 4 min read
1/12
It has been confirmed that the #Taurus interception was done via “a non-secure line”. Below is my opinion of one way in which it *might* have been done, taking into account the situation and #Russia's previous history.

Essentially it involves using #SS7 interception.
🧵

2/12
First step is that we assume the call intercepted was generated by a German mobile device, roaming into Singapore. In the press release we are not told for certain it was a mobile, so it could have been a mobile or a hotel line (or wifi).

theguardian.com/world/2024/mar…
Feb 15 11 tweets 4 min read
1/11
Today, we’re releasing details of a small but interesting mobile #vulnerability called MMS Fingerprint, reportedly used by #NSOGroup.

How this might work, and how we found it, is a bit unusual.

@EneaAB @josephfcox @rj_gallagher @campuscodi @lorenzofb enea.com/insights/dusti…

2/11
After a WhatsApp vulnerability exploited in 2019, #WhatsApp/#Facebook sued NSO Group. As part of its evidence there was a contract between an NSO Group reseller and a telecom regulator.

Within that contract was a list of features, including something called #MMSFingerprint
Apr 25, 2022 10 tweets 7 min read
1/10
3rd part of @adaptivemobile series on the mobile battlefield of #Ukraine

@RowlandCorr and I cover what may happen in the future. In particular we look at the little-known Russian separatist Mobile Operators Phoenix (Фенікс) and Lugacom (Лугаком)

blog.adaptivemobile.com/the-mobile-net…

2/10
The unlicensed Phoenix (Фенікс) & Lugacom (Лугаком) opcos were formed from the separatist seizure of Ukrainian Mobile Operator equipment after the 2014 invasion of the #Donbas

They have been growing as the licensed Ukrainian Operators have pulled out

euobserver.com/investigations…
Mar 29, 2022 6 tweets 4 min read
🧵A good recent example of #Ukraine contesting the Mobile Network / InfoSec battlespace.

Multiple #SIMBox seizures as part of an "enemy bot farm" network were announced yesterday by the Security Service of Ukraine. 1/6
ssu.gov.ua/novyny/z-pocha…

Technically this is a much bigger setup than the #SIMBox relay discovery from 2 weeks ago (see my previous thread), which is not surprising as these are more traditional ‘bot farms’ used for signups for social media 2/6
Mar 15, 2022 7 tweets 5 min read
1/5 Another significant capture in #Ukraine. Reported discovery today of a #SIMBox being used to relay Voice calls & SMS and other info to Russian forces (including top leadership of Russian army) & other individuals in #Ukraine. I will explain what this is and how it works.

2/5
First, the system is comprised of 3 main parts:
1) the SIM Box server - in this case a Hypertone SMB-128. This handles the control of up to 128 SIM Cards, cycles them when detected etc., and co-ordinates interaction with the #GSM Gateways
hybertone.com/en/pro_detail.…