Advisory ID: NCC-CSIRT-2026-010
Summary:
The OSGF alerted Nigerian authorities about a cybercrime case in the UAE involving a criminal group that hijacked mobile signals and conducted SMS-based banking fraud. The group used specialized equipment to create fake mobile networks, intercept SMS messages, and send fraudulent messages impersonating banks to steal financial information. This technique poses a potential risk to Nigeria’s telecom infrastructure and financial systems due to the country’s large subscriber base and reliance on SMS banking.
Damage: Critical
Probability: High
Product(s):
- GSM and LTE mobile networks
- SMS messaging infrastructure
- Mobile banking systems using SMS authentication
- Telecommunications spectrum environments
- Mobile subscribers within proximity of a rogue base station
Version(s):
All types and versions
Platform(s):
Telecommunication and Mobile Ecosystems
Description:
The attack technique uses rogue cellular infrastructure designed to mimic legitimate mobile networks.
The criminals deploy signal-jamming equipment to temporarily disrupt legitimate cellular signals within a targeted area. Once legitimate connectivity is weakened, the attackers activate a rogue base station (fake cellular tower) that broadcasts a stronger signal, causing nearby mobile devices to automatically connect to the attacker-controlled network.
After devices connect to the rogue network, attackers can:
-
Send spoofed SMS messages appearing to originate from legitimate financial institutions.
-
Intercept SMS communications, including one-time passwords (OTPs).
-
Conduct large-scale Smishing campaigns targeting banking customers.
This technique is particularly dangerous because it operates at the network layer of the telecommunications network, allowing attackers to bypass traditional Internet security controls.
Threat Types:
- Rogue Cellular Network Attacks / IMSI Catcher Threats
- Mobile Signal Hijacking / Jamming
- Smishing (SMS Phishing)
- Financial Cybercrime / Banking Fraud
- Telecommunications Infrastructure Exploitation
Impacts:
- Unauthorized access to bank accounts through stolen credentials or OTP interception.
- Large-scale financial fraud targeting mobile banking users.
- Manipulation of SMS communications used for transaction authentication.
- Loss of customer trust in telecom and banking systems.
- Possible use of rogue networks for surveillance or data interception.
Solutions/Mitigations:
NCC-CSIRT recommends the following mitigation steps:
- Deploy rogue base station detection systems across network infrastructure.
- Strengthen radio spectrum monitoring to detect abnormal signal activity.
- Implement mechanisms to detect and block unauthorized BTS transmissions.
- Collaborate with security agencies to track illegal telecom equipment.
- Enhance monitoring of SMS gateways and messaging platforms.