Network technology: 2G/3G/4G
This feature allows the user to manually change the IMEI number as well as define their own IMEI, thus enabling different protection scenarios. When this feature is enabled, calls and SMS cannot be intercepted, and location cannot be tracked. Also, the target correlation methods of modern GSM-Interceptors that match the IMEI of the phone with the IMSI (SIM card used in this phone) will fail.
IMEI Change feature is designed to protect conversations against control and interception by GSM-Interceptor. To intercept your calls, a GSM-Interceptor will capture and use the following phone identifiers:
1. Your phone number (not transmitted over the air but known to the operator).
2. IMSI – unique SIM registration number.
3. IMEI – unique phone registration number, other than the phone number contained in the SIM.
Combined with the special IMSI Change function, your X-ONE becomes an intelligent weapon against interception. By changing the IMEI and IMSI at the same time, you can avoid any GSM-Interception. As all your phone’s identifiers have changed (previously registered in a GSM-Interceptor’s target selection list), the GSM-Interceptor’s operator has to make extra efforts to receive and register your new identifiers. In addition, the system operator cannot understand that he has lost control of your phone.
This feature transforms your phone into a sophisticated counter-intelligence weapon by allowing the user to manually change the IMSI number. SIM cloning starts and generates a new valid IMSI to be used for the next call or message. There are no other phones that can perform IMSI changes. No internet connection, third party servers or special SIMs are required. No monthly fees or commitments.
HOW DOES IT WORK?
The phone will clone any SIM card inserted. Once cloned, the real SIM is quarantined and a virtual SIM is used instead, which can change its IMSI by generating valid IMSIs. Please note that the MSISDN (the phone number associated with the SIM card in use) does not change when you use the IMSI change function.
This feature is designed to attack IMSI Catchers and GSM-Interceptors OTA (Over The Air) via available uplink channels by LUR flooding, sending continuous connection requests (LUR) via RACCH – Radio Access Control Channel in a short period of time, similar to a DoS network attack.
This attack can not be detected by an IMSI Catcher and GSM-Interceptor. XTerminator is highly disrupting for real network and deadly for IMSI Catchers and GSM-Interceptors. Use it with precautions and only when really needed. Due to the sensitive nature, all information is available after purchase.
This feature allows the user to switch between Hunting mode (call and SMS interception detection) and Anti Interception mode (no calls and messages can be sent or received while interception is active, regardless of whether GSM-Interceptor or SS7 means are used).
This feature alerts the user in real time when voice and data connections are being intercepted.
All mobile calls and messages are encrypted by default in almost all mobile networks. The GSM standard encryption algorithm is called A5. There are four variants of A5 in GSM, of which only the first three are widely used: A5/0, A5/1, A5/2 and A5/3. The latest interception technologies are capable of intercepting not only calls and messages, but also data (Internet usage). A GSM-Interceptor or IMSI Catcher forces mobile phones into A5/0 mode (no encryption), which makes it easy to intercept call data and convert it into audio.
X-ONE detects this situation and alerts the user in real time.
This feature is a background process and alerts all unknown cell towers, GSM-Interceptors, SS7 intercepts, C2 monitoring and location tracking.
This feature is true GSM location spoofing. The user can choose which cell tower the phone is connected to. In this way, any triangulation technique used for location tracking will produce false results, resulting in a false location.
Most so-called location spoofing applications are internet-based and only spoof GPS data. This creates a false sense of security because the GSM location is revealed every time the target phone is connected to a mobile network. GSM location data (Cell ID, Location Area Code, etc.) is often used by law enforcement agencies to locate mobile phones.
X-ONE is immune to this type of location tracking since connecting to more distant towers will cause false locations to be stored with the providers, leading to false results if analysed.
Caution: The mobile data connection is also provided by the network operator (via cell towers, which are easy to find). If the phone is connected to the internet via a mobile hotspot, the phone can be tracked instantly.
Optimal location spoofing is implemented for ease of use. X-ONE will always connect to the most distant cell tower, whether it is stationary or in motion.
This feature will start checking both active and passive interception, allowing the user to immediately check whether the Stealth Phone is connected to a GSM-Interceptor or is affected by SS7 surveillance.
After the start, the function begins to check the active and passive monitoring, step by step. When monitoring with active and semi-active GSM-Interceptors, the Stealth Phone checks:
Regarding interception performed by Passive GSM-Interceptors, the phone will check based on real ARFCN:
The phone will ping HLR/VLR core network, computing network redundancy and abnormal ping delays. In the end, will generate a Network Security Rating. 100 % means that the network is 100% secure.
This feature monitors the C2 (cell selection criterion) parameter used by IMSI Catcher and GSM-Interceptor to force a connection to the mobile phone. It also checks the identity of neighbouring cell towers. When the phone is connected to a GSM-Interceptor, no cell towers are displayed as neighbouring towers.
Active and semi-active GSM-Interceptors force any mobile phone to disconnect from its home network and connect to the fake tower by forcing it to re-select the tower (parameter C2). This is called BCCH manipulation and is used by all modern GSM-Interceptors. When this feature is enabled, the Stealth Phone will:
This feature detects lawful interception by SS7 boxes (known as Network Switch Based Interception or Network Operator Assistance Interception). cryptoTRACERⓇ is a unique feature based on XCell’s proprietary algorithms that can instantly detect lawful interception attempts and alert the user when calls and SMS are being intercepted using SS7 (strategic interception solutions).
In addition to IMSI Catchers and GSM-Interceptors, which are small and mobile (sometimes vehicle mounted) interception systems, law enforcement agencies use so-called lawful interception (SS7 interception or operator help interception), a special piece of hardware that is directly connected to the GSM core network (at the level of the network switch).
In order to instantly detect if your X-ONE is monitored by SS7 means, you don’t have to make any call or send/receive a message. Just run cryptoTRACER® and wait for results. After checking phone firmware integrity, cryptoTRACER® will start pinging core network at MSC/VLR and AUC/HLR level. Then will calculate network redundancy and compare to standard redundancy. If a ping delay will be detected, SS7 monitoring alert will be triggered by displaying:
– Network redundancy [!]
– Pingdelay [!]
– Phone status [!]
This feature creates a separate, secure partition in which the IMEI engine, IMSI engine and other security-related software components run smoothly, without the possibility of interference or tampering. The user can verify the integrity of the sandbox and its components at any time.
X-ONE is protected from forensic investigations by volatile USB filters. No forensic device can extract any data or files from the Stealth Phone. As soon as the Stealth Phone is connected to such a device, a PC or a service box, the volatile USB filters trigger a self-destruction of the motherboard, and the Stealth Phone goes into protected mode (permanent boot loop).