blank

XCell Security

Cell phones that can't
be tracked?

Blog icon written by XCell Technologies
Calendar icon

Published on July 05, 2021

What's behind it?

Untrackable phones refer to the phone’s ability to hide its real geo-location by showing its location in a different place than where the phone actually is. Some kids’ apps available on Google Play Store or Apple Store use third-party data connections and servers and display a fake GPS location in another part of the world, which is not only stupid but also dangerous when it comes to law enforcement:

You can’t trick authorities with this kind of apps, because the real GSM location used by law enforcement to track a cell phone will reveal their real location despite VPN.

Conceptually, location tracking is usually misunderstood or confused with GPS location tracking:

  • Cell phones are not tracked by the built-in GPS module unless a spyware app installed on the respective phone collects and sends GPS data to a server where it can be viewed by attackers.
  • The GPS module does not transmit a signal. A GPS module is merely a radio receiver, like your radio. A radio receiver cannot be tracked, of course, because it is a completely passive device. The same is true for your cell phone’s GPS module. Sure, a cell phone GPS feeds location data to some other apps you have installed on your phone, apps that can be exploited remotely to spy on your GPS location data. But in real life, this doesn’t happen too often as very few actors like NSA have this privilege.
  • Some big marketing companies also use some tracking apps that phone users install on their own phones (location-based services), or they distribute cloaked apps (similar to malware) that collect location information from the user’s phone along with other data.
  • There are many cell phones that do not have a GPS function (no GPS module). But that doesn’t mean that these cell phones can’t be tracked. Mobile location tracking was not born in the same time as smartphones, as they are as old as cell phones themselves. In most countries, if a silent phone cannot be tracked, it is immediately banned from sale and use for obvious reasons.

    Location tracking does not use GPS data, but connection data. There are 4 main options when it comes to location tracking by state actors:

    1. SS7 vulnerabilities. In this scenario, it is not the phone that is attacked, but the vulnerabilities in the SS7 network that help the attacker find out the location of your phone. The attacker finds out the location of the cell tower your phone is connected to. Therefore, it is quite easy to locate your phone. Example: ULIN.
    2. With direct help from the network operator, which provides location data from the target phone. Triangulation techniques (also known as multilateration) can determine the location of a cell phone with an accuracy of up to 3 meters, better than most GPS trackers.
    3. Using a GSM interceptor, which has location tracking capabilities and sometimes uses a DF antenna to find the location of a cell phone by forcing the phone’s paging channel to continuously transmit a signal.
    4. By remotely installing spyware apps, such as FinSpy.

    The first two can be performed remotely. The third method requires a certain distance to the target cell phone (up to 5 km).

    When you talk about untraceable cell phones and untraceable phone calls, it pretty much depends on what perspective you’re looking at it from.

    From a normal person’s point of view, all phone calls and all cell phones are completely untraceable. There is no way to track a cell phone unless you manage to install a commercial spy/tracking app on the target phone. Remote installation is not available for commercial spyware, so there are practically no chances to track a cell phone.

    From a hacker’s perspective, things look a little different. Experienced hackers can track the location of some cell phones depending on which network the phone is registered to (depending on whether the mobile network has an effective SS7 firewall) and how much information the hacker has about the phone number, IMEI, and so on. The same hacker can even intercept phone calls and messages by using some open source software and SDR hardware through sniffing and MITM attacks. However, the hacker itself is not the real danger, but the people who can afford to hire such a hacker. Don’t worry, hiring a competent hacker will be way too expensive for your mother who just wants to find out where and with whom you spent the last night.

    Finally, from the perspective of government actors such as intelligence, homeland security or law enforcement. For all of them, with very few exceptions, there are NO UNTRACKABLE PHONES.

    Now let’s be honest: Who do you really fear? Your neighbor? Your girlfriend? Your father? Probably not, so that leaves only the government actors mentioned above.

    To avoid location tracking, you have few options:

      • do not use a cell phone…
      • use a Stealth Phone that has real anti-tracking capabilities and takes advantage of the cellular connection.

      True location concealment cannot be achieved with any apps, as the phone user (we are talking about regular phones) cannot manipulate the connection to the cell tower, as is the case with XCell Stealth Phones.

      blank

      BTS (Base transceiver station).

      Let’s keep in touch!

      We’d love to keep you updated with our latest news and offers

      Further articles

      Anonymous SIM Scams

      Beware Anonymous SIM Scams

      Protected SIM cards? Empty promises of benefits that are in fact useless and do not protect you from interception. Read the full article

      blank

      Pay with cryptocurrencys

      Prefer to pay in cryptocurrency? We’ve got good news for you. You can easily pay by crypto and we will ship your Stealth Phone to you.

      How confidential are your calls

      How confidential are your calls?​

      This case, discovered by Indian cybersecurity researcher Anand Prakash, was just a bug of bad programming, and is euphemistically called IDOR, short for Insecure Direct Object Reference.