- Fake mobile towers forced phones to disconnect from legitimate networks nearby
- Millions of disruptions revealed how easily cellular connections can be manipulated
- Attackers reached thousands of devices simultaneously without telecom infrastructure
Authorities in Canada have disclosed details of a mobile cyber operation that relied on SMS blasters mounted inside vehicles moving through urban areas.
Three suspects drove around downtown Toronto with these hidden devices running in their cars, impersonating cell towers.
The Toronto Police Service confirmed that this marked the first operation of its kind ever recorded in the country, with the campaign causing 13 million network disruptions in total.
Article continues below
How fake cell towers manipulate connections
Investigators say the devices mimicked legitimate cellular base stations, forcing nearby phones to connect automatically due to stronger signal proximity.
Once connected to the rogue system, phones received messages that appeared to originate from credible institutions.
These messages often directed users to fraudulent websites designed to extract credentials or trigger unauthorized payments.
Because the communication bypassed standard telecom safeguards, typical protections such as carrier-level filtering became ineffective, allowing the attackers to deliver smishing campaigns directly to inboxes at scale.
The attack reached a large number of devices simultaneously, infiltrating tens of thousands of mobile devices without relying on traditional telecom infrastructure.
“What makes this particularly concerning is the scale and impact,” said Toronto Police Deputy Chief Robert Johnson.
“This wasn’t targeting a single individual or business. It had the ability to reach thousands of devices at once.”
In such cases, users may assume that installed antivirus tools or routine malware removal practices are sufficient, yet these measures do not prevent forced network redirection at the signal level.
Disruption extends beyond financial harm
The effect of this rogue network is not limited to financial risks because users temporarily lose access to legitimate services.
This interference could affect a person’s ability to reach emergency assistance like the police or an ambulance when needed.
“And beyond the financial risk, there are real public safety implications. For instance, when devices are diverted from legitimate networks, even briefly, it interferes with a person’s ability to connect to emergency services,” Johnson said.
The SMS blasters used for the operation were custom-built and have the potential to threaten national security.
“The ones we seized in Toronto were uniquely built, and we’re not sharing those publicly for safety reasons,” said Detective Sergeant Lindsay Riddell.
Devices comparable to SMS blasters, such as IMSI catchers, can intercept and reroute communications, potentially capturing metadata or voice data.
A pattern seen beyond Canada
Although it is described as the first recorded case in Canada, similar operations have been identified internationally.
Philippine authorities arrested two Chinese nationals in February 2026 for operating a similar scheme.
Those suspects hired drivers to carry IMSI devices in the backs of their vehicles while loitering near key government installations, military bases, and even the U.S. Embassy.
Similarly, police in London arrested a student from China in June 2025 for using a similar gadget from his car to send messages to victims.
The Toronto operation has been shut down, but the vulnerability remains, and traditional security tools cannot prevent a fake cell tower from hijacking your phone’s connection.
Via Tom’s Hardware
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
