- Fake cell towers forced phones to disconnect from nearby legitimate networks
- Millions of disruptions revealed how easily cellular connections can be manipulated
- The attackers simultaneously reached thousands of devices without telecommunications infrastructure.
Canadian authorities have disclosed details of a mobile cyber operation that relied on SMS blasters mounted inside vehicles traveling in urban areas.
Three suspects drove around downtown Toronto with these devices hidden in their cars, posing as cell phone towers.
The Toronto Police Service confirmed it was the first such operation on record in the country, with the campaign causing 13 million network disruptions in total.
Article continues below
How Fake Cell Towers Manipulate Connections
Investigators say the devices mimic legitimate cellular base stations, causing nearby phones to connect automatically due to stronger signal proximity.
Once connected to the malicious system, phones received messages that appeared to come from credible institutions.
These messages often directed users to fraudulent websites designed to extract credentials or trigger unauthorized payments.
As communication has bypassed standard telecommunications protections, traditional protections such as carrier-level filtering have become ineffective, allowing attackers to deliver smishing campaigns directly to inboxes at scale.
The attack affected a large number of devices simultaneously, infiltrating tens of thousands of mobile devices without relying on traditional telecommunications infrastructure.
“What makes this situation particularly concerning is the scale and impact,” said Toronto Deputy Police Chief Robert Johnson.
“This was not targeting a single individual or a single company. It had the ability to reach thousands of devices at once. »
In such cases, users may assume that installed antivirus tools or common malware removal practices are sufficient, but these measures do not prevent forced network redirection at the signal level.
Disruption goes beyond financial harm
The effect of this malicious network is not limited to financial risks, as users temporarily lose access to legitimate services.
This interference could affect a person’s ability to reach emergency assistance such as the police or an ambulance if necessary.
“And beyond the financial risk, there are real public safety implications. For example, when devices are hijacked from legitimate networks, even briefly, it interferes with a person’s ability to connect to emergency services,” Johnson said.
The SMS blasters used in the operation were custom-built and have the potential to threaten national security.
“The ones we seized in Toronto were uniquely constructed and we don’t share them publicly for security reasons,” said Detective Sergeant Lindsay Riddell.
Devices comparable to SMS Blasters, such as IMSI catchers, can intercept and redirect communications, potentially capturing metadata or voice data.
A trend observed beyond Canada
Although this is the first case recorded in Canada, similar operations have been identified internationally.
Philippine authorities arrested two Chinese nationals in February 2026 for operating a similar scheme.
These suspects hired drivers to transport IMSI devices in the back of their vehicles while loitering near key government installations, military bases, and even the U.S. Embassy.
Similarly, London police arrested a Chinese student in June 2025 for using a similar gadget from his car to send messages to victims.
The Toronto operations have been shut down, but the vulnerability remains and traditional security tools can’t stop a fake cell tower from hijacking your phone’s connection.
Via Tom’s material
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
