- Fake cell towers forced phones to disconnect from legitimate networks nearby
- Millions of perturbations revealed how easily cellular connections can be manipulated
- Attackers reached thousands of devices simultaneously without telecommunications infrastructure
Authorities in Canada have revealed details of a mobile cyber operation that relied on SMS blasters mounted inside vehicles moving through urban areas.
Three suspects drove around downtown Toronto with these hidden devices driving in their cars, mimicking cell towers.
The Toronto Police Service confirmed that this marked the first operation of its kind ever recorded in the country, with the campaign causing 13 million network outages in total.
The article continues below
How fake cell towers manipulate connections
Investigators say the devices mimicked legitimate cellular base stations, forcing nearby phones to automatically connect due to stronger signal proximity.
Once connected to the rogue system, phones received messages that appeared to originate from credible institutions.
These messages often directed users to fraudulent websites designed to extract credentials or trigger unauthorized payments.
Because the communications bypassed standard telecommunications security measures, typical protections such as carrier-level filtering became ineffective, allowing the attackers to deliver smishing campaigns directly to inboxes at scale.
The attack reached a large number of devices simultaneously, infiltrating tens of thousands of mobile devices without relying on traditional telecommunications infrastructure.
“What makes this particularly troubling is the scale and the impact,” said Toronto Police Deputy Chief Robert Johnson.
“This was not targeting a single person or company. It had the ability to reach thousands of entities at once.”
In such cases, users may assume that installed anti-virus tools or routine malware removal methods are sufficient, yet these measures do not prevent forced network redirection at the signal level.
Disruption goes beyond economic damage
The impact of this rogue network is not limited to financial risks because users temporarily lose access to legitimate services.
This interference can affect a person’s ability to reach emergency help such as the police or an ambulance when needed.
“And beyond the economic risk, there are real public safety implications. For example, when devices are diverted from legitimate networks, even briefly, it disrupts a person’s ability to connect to emergency services,” Johnson said.
The SMS blasters used in the operation were custom-built and have the potential to threaten national security.
“The ones we seized in Toronto were uniquely built and we’re not sharing them publicly for security reasons,” Detective Constable Lindsay Riddell said.
Devices comparable to SMS blasters, such as IMSI catchers, can intercept and redirect communications, potentially capturing metadata or voice data.
A pattern seen across Canada
Although described as the first recorded case in Canada, similar operations have been identified internationally.
Philippine authorities arrested two Chinese nationals in February 2026 for running a similar scheme.
These suspects hired drivers to carry IMSI devices in the back of their vehicles while loitering near key government installations, military bases and even the US Embassy.
Similarly, police in London arrested a student from China in June 2025 for using a similar gadget from his car to send messages to victims.
The Toronto operation has been shut down, but the vulnerability remains and traditional security tools can’t stop a rogue cell tower from hijacking your phone’s connection.
Via Tom’s hardware
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
