Threat Intel
Whilst some people go on about DNSSEC, PUBLIC WIFI and JUICE JACKING they seem to be missing out on a threat that is real, active and has seen increased adoption by threat actors. SMS BLASTING!
Sounds cool, but basically it’s an ISMSI Catcher/Fake CELL network that is broadcasted between 500m and 2Km that lets an attacker send SPOOFED SMS messages to any cell that connects. This can be used for scams, phishing etc.
A history of event so far
Notable SMS Blaster Cases (2022–2025)
| Date/Year | Country | Notes | Source URL(s) |
|---|---|---|---|
| Late 2022–2025 | France | First major European case: Driver arrested in Paris (device initially mistaken for bomb); led to 2025 trial of 14 defendants (including Chinese supplier Kevin Yin) for €21M+ scams impersonating health services (Ameli). | commsrisk.com/14-defendants-face-paris-trial… |
| 2023–2025 | Vietnam | Multiple arrests, including cars in Ho Chi Minh City and Hanoi sending millions of messages; repeated busts in 2025 (e.g., third car in one month, suitcase-portable device in November). | commsrisk.com/third-smishing-sms-blaster… commsrisk.com/vietnamese-describe-methods… |
| 2024–2025 | Thailand | Numerous arrests, often hired drivers paid modestly by Chinese bosses; cases include 1M messages in 3 days (Nov 2024), multiple Bangkok busts (Aug 2025), collaboration with AIS for detection. | commsrisk.com/police-find-sms-blaster… commsrisk.com/thais-caught-with-smishing… therecord.media/bangkok-police… |
| 2024–2025 | Cambodia | Surge in late 2025: Drivers arrested in Sihanoukville (Oct–Nov), roadblocks finding blasters; Dec warehouse raid uncovered ~15 devices stored for distribution. | commsrisk.com/police-find-sms-blaster-hoard… commsrisk.com/sms-blaster-and-imsi-catcher… |
| Jun 2024–2025 | United Kingdom | First arrests (Jun 2024, “homemade” device); Chinese student Ruichen Xiong sentenced (Mar–Jul 2025 operation targeting thousands); total 7 devices seized, multiple arrests including subway use. | commsrisk.com/sms-blaster-smishing-arrests… webasha.com/blog/chinese-student… wired.com/story/sms-blasters… |
| 2025 | Serbia | Two Chinese nationals arrested for operating blaster; part of cross-European gang, impersonating operators/organizations; distinctive equipment (orange inverter). | commsrisk.com/two-chinese-sms-blaster… |
| 2025 | Switzerland | Multiple arrests (e.g., Oct Chinese national in Muttenz/Basel; three men including vehicle owners); impersonating Post Office/Migros. | commsrisk.com/sms-blaster-and-imsi-catcher… wired.com/story/sms-blasters… |
| 2025 | Indonesia | Arrests in Jakarta and elsewhere for bank impersonation scams. | commsrisk.com/sms-blaster-smishing-arrests… |
| 2025 | Qatar | Gang dismantled for impersonating banks/government; equipment seized. | commsrisk.com/sms-blaster-smishing-arrests… |
| 2025 | Philippines | Multiple busts, including Metro Manila drivers linked to same Chinese boss. | commsrisk.com/sms-blaster-and-imsi-catcher… |
| 2025 | Japan | Detections in Tokyo and urban areas; alerts issued, equipment similarities noted. | commsrisk.com/amateur-sleuths-plot-route… |
| 2025 | Oman | Chinese woman arrested driving rented car in Muscat sending phishing links. | risky.biz/risky-bulletin… |
| 2025 | Brazil | Multiple cases in São Paulo; special task force formed. | commsrisk.com/4-rogue-base-stations… |
| 2024–2025 | New Zealand | First arrest (summer 2024–2025); Chinese connections. | techspot.com/news/109575… |
| 2025 | Türkiye | 7 arrests, 3 blasters seized in Istanbul; foreigners involved, orange inverters. | commsrisk.com/7-arrests-and-3-fake… |
Many cases share patterns: Chinese-linked supply chains, similar equipment (silver cases, orange inverters, car batteries), and local drivers recruited via apps like Telegram.
I’ll revisit this later with some guidance on mitigation. The number of events is still very very low, but this is something that has been deployed in the wild (unlike Juice Jacking!)
