Thursday, August 20, 2020

How spies and foreign intelligence can use your cellphone to find you – and eavesdrop on your calls and texts.Are we safe with our telecommunication companies?

Surveillance systems that track the locations of cellphone users and spy on their calls, texts and data streams are being turned against citzens as they roam the country and the world.For some good time and in several articles i have tried to alert the gorvenment and several people about this SS7 vulnerability,SS7 hack or signaling system 7 hack is the process of getting calls or SMS for a subscriber, on another mobile number or in an application. These days many applications use confirmation of user identity using SMS or voice call. If some call and SMS can be routed to another number then it is possible to hack. Ss7 was created in the 1970s as a way for telecommunications carriers to exchange information as they routed calls. Over the years, SS7 expanded to serve a sprawling global cellular system that allowed users to move from network to network — within their own nations and across international borders — without missing calls, losing service or having to make payments to each carrier that routed a signal to their phones.
But as the number of companies with access to SS7 grew from a handful to many thousands, the lack of built-in security became a growing problem. It was easy for anyone with access to the network to pretend to be a carrier making legitimate requests for information about customers. 
Early research of SS7 surveillance focused on its use in tracking user locations through cellphones. But in recent years, a more serious issue has emerged around its ability to intercept calls, texts and data.The most advanced SS7 surveillance systems can monitor the movements of dozens of people for hours at a time, sending alerts if they get close to select areas or to one another,this is very dangerous to some vulnerable targeted group of people or individuals.
 Very many of us may be ignorant or underrate this SS7 vulnerability but risks posed by SS7 surveillance go beyond privacy to affect national security. American, Chinese, Israeli and Russian intelligence agencies (but I also am sure that a foreign country neighbouring us is using SS7 to track some people it deems are not good to it and this country is too treacherous) are the most active users of SS7 surveillance, and private-sector vendors have put systems within the reach of dozens of other governments worldwide. Sophisticated criminals and private providers of business intelligence also use the surveillance technology.
I started getting  interest in this vulnerability  way back in 2015 up to now where i documented various international  and local phone numbers that tried to intercept 2FA authentication  codes of phone numbers aligned to facebook,instagram,twitter accounts of Ugandans.



Ss7 vulnerability exposes the network for SMS and voice hack. Along with this, once access to the ss7 network, the real-time location of a person can be obtained.
SS7 is the traditional network that uses standard ISUP and MAP protocol for call and SMS.
SS7 hack is not simple as it looks, people claim to install software and then just enter phone number to hack SMS or calls.  Getting calls and SMS via a hack is the process to connect to the ss7 network and run an application so that the home network of an original subscriber gets the impression that software is the roaming VLR/MSC node in a network. The first step is to get the ss7 connection.
Get an SS7 Connection for the hack:
Get SS7 Global Title and Point Code: For an SS7 connection, one should have a Global Title and a point code (international), a local point code (local, between you and mobile operator )can be used, depends on ss7 connection provider. If one is a mobile operator, then get this from the standard GSM body. New network code is assigned by gsm so that you can have a big range of global titles or MSISDNs and IMSIs.
If not a mobile operator, one can take a global title on lease from a mobile operator. Once you have GT, now there are the following options.
SS7 connection via an aggregator: In this, you can connect to an SS7 aggregator and they can publish you GT, on all networks. So any traffic coming to your GT will be forwarded by aggregator towards your node or application. Mostly MVNO does this, they have GT ranges, those are published to an aggregator for connecting mobile network operators globally.
Directly with a Mobile Operator: In this, you will have direct links with mobile operators, each will set routing for your GT, towards the serving node. In this, you need to connect each mobile operator Individually.
SS7 vs Sigtran:
If you are using pure SS7 (E1/T1), then the box with the application should be on the premises of mobile operators. If using SIGTRAN, which is IP based, You can have your box in a data center on the cloud.
Ss7 hack tool or Software:
Once one has an ss7 connection. Now time to develop an ss7 application over GSM MAP signaling. SDK for ss7 provides required ss7 stack and libraries for developing ss7 hack software. Before developing the application first finalize the requirements.  If one wants to receive SMS, then the application should be developed to handle protocol messages for SMS. Now the ss7 application will simulate as it is a real device.
Application Registration as a real phone:
The first step is to register the application as a phone registers in the roaming network. This required the IMSI of the sim card, to which the mobile number belongs. Mobile number everyone has but IMSI don’t. So the first step is to get IMSI. Hacking Application sends SRI-SM with the phone number to the HLR, which sends IMSI and roaming information in response. Roaming information includes the county code and area code.
From IMSI the application builds the location update along with other parameters. The open a TCAP dialogue to the SS7 node. The open dialogue needs to fill SCCP called party address and SCCP Calling party address. Called Party address is derived from IMSI and calling party address is the GT of software application.
During Update Location, HLR will respond with ISD or Insert Subscriber Data. The software application needs to acknowledge the ISD to the HLR, else update location procedure will fail and the application will not attach as a phone. One HLR sends update location ACK, which means registration is done.
SS7 Hack for SMS:
Once the application registered with the home network. The global title of ss7 hack software updated on the home HLR as an outcome of update location procedure. When a request for authentication for mobile terminated SMS starts. HLR gets SRI-SM query from the hack application, in the response of SRI-SM, HLR sends have visiting MSC number and IMSI. In our scenario, the MSC number is the GT of application. The sender SMS will send the SMS to the software application using the MSC number. Now its applications responsibility to decode the message and display the message as a user-readable string. Now you have the authentication code you were looking for.
SS7 Hack for Voice:
For voice, after phone registration call flow. The hack software should activate the call forwarding to the new number. While activating call forwarding, the ss7 hack tool can send the type of call forwarding and the mobile number where the hacker wants to receive the call. The call forwarding type can be “Call Forwarding Unconditionally”. This will enable call forwarding all the time. In this case, even the mobile user never comes to know that his call has been hacked. After voice verification, the call forwarding can be removed.
SS7 hack applications examples:
Any application which required user verification from SMS or voice can be hacked by the ss7 network. We will cover the ss7 call flows for WhatsApp and Facebook.
ss7 hack Whatsapp:
Whatsapp is used everywhere. It does the message and file transfer over the IP network. It connects your phone book to the others using phone numbers. So no need to add a contact explicitly. Like in skype, we need to create an account and need to add other skype ids before any communication. But with this app, the phone number is the profile id. While installing WhatsApp it requires user authentication via SMS. If WhatsApp needs to hack, after installation, run the ss7 hack software app and received the authentication message on the hack software app. Enter the code in installed WhatsApp. Now you can have messages on your WhatsApp, while the number belongs to another guy.
ss7 hack Facebook:
Facebook also does authentication via SMS. One can get SMS on an ss7 hack software.
As i have said earlier;it is not the first time that am talking  about this SS7 EXPLOIT.over a series of years i documented;took screenshots of various phone numbers that tried to intercept authentication  messages of accounts on internet.As proof; i even dropped my whatsapp account in march this year and am still hesitant to join whatsapp because i know some foreighn spies or hackers may be having interest in some group of people or individuals.Last week i noticed over three numbers that tried to intercept my email 2FA  codes and solely  meant to take over this blog;my facebook messanger  etc.I alert all who may be running  patriotic  blogs ,websites or any internet account ,social media account ;and if you feel you may be a target please strengthen the security of your website or account.
However;the unfortunate part of it is that i discovered  that many people or organisations are still using computers or mobile phones with un upgraded operating systems.This is very dangerous  for it opens up more vulnerabilities  which the enemies can ride on to ease their attacks.
As the gorvenment has done much to regulate  this form of cyber attacks; which of recent i can pinpoint the arrest of some individuals  behind Simboxing.I call upon the gorvenment to strictly take a survey into the security  of telecom companies  to make sure innocent  citzens do not fall prey to these cyber criminals.
The risk of surveillance of your average user, given the billions of mobile phone users across the globe, is small but those in a place of power or individuals targeted because of various reasons, within organisations or government, could be at risk of targeting, as all that’s required to perform the surveillance is access to the SS7 system and a phone number.
One of the biggest dangers, beyond someone listening to calls and reading text messages, is the interception of two-step verification codes that are often used as a security measure when logging into email accounts or other services sent via text message.
Banks and other secure institutions also use phone calls or text messages to verify a user’s identity, which could be intercepted and therefore led to fraud or malicious attacks.
Given that the vulnerabilities and the possibilities of spying on users relies on systems outside of user control, there is very little you can do to protect yourself beyond not using the services.
For text messages, avoiding SMS and instead using encrypted messaging services such as Apple’s iMessage, Facebook’s WhatsApp or the many others available will allow you to send and receive instant messages without having to go through the SMS network, protecting them from surveillance.
For calls, using a service that carries voice over data rather than through the voice call network will help prevent your calls from being snooped on. Messaging services including WhatsApp permit calls. Silent Circle’s end-to-end encrypted Phone service or the open-source Signal app also allow secure voice communications.
Your location could be being tracked at any stage when you have your mobile phone on. The only way to avoid it is to turn off your phone or turn off its connection to the mobile phone network and rely on Wi-Fi instead.

Security hygiene. We’re all busy at work, so ensuring that our mobile phones and apps have the latest patches may not be our top priority. But if you’re a heavy user of your phone for business, you must make sure it has the most up-to-date security. Also, antivirus for mobile phones is a myth. Compared to our computers, an antivirus app on mobile phone will often fail to protect against malicious apps. However, one security control you can use for network security is secure VPN or Secure Access Service Edge (SASE) . Such a solution can block traffic to malicious websites or data exfiltration attempts.
2. Application hygiene. Any app on your phone can expose data and be used as a bridge to compromise your device.
Whitelisting and blacklisting applications are now becoming standard practice for IT and security administrators, and you should follow these practices on your own phone as well. For instance, do you really need those five messenger apps? Are you automatically downloading content across social media apps? Do your kids or grandchildren use your phone and download games?
3. Privacy hygiene. I know this will sound like the lecture you got from your parents many years ago, but here goes: Don’t give out personal information, especially your phone number, to strangers. A phone number alone will allow cyber criminals to trace you, physically and electronically, anywhere in the world. And remember that your colleagues, suppliers and customers store your number and other contact details on their phones as well — allowing your number to be easily exfiltrated by any fraudulent app they carelessly install.
The more you use your phone for work reasons, the greater you expand cybersecurity threat vectors into your organization’s applications, databases and data. It’s like opening the door of your factory wide open and handing strangers an access card to your mainframe and robotics equipment. It can only end badly.

THERE IN,THERE BY and THERE OF  Niyikiza emmanuel.



FOR God and my country.


You can even read more here

FARDC captures 5 CODECO militiamen

The armed forces of the Democratic Republic of Congo claim to have captured 5 millicians during an operation in the locality of Kunda, in the chiefdom of Babelebe, territory of Irumu.
The confirmation is from Lieutenant Jules Ngongo, army spokesman in Ituri, who denied the information circulating on social media indicating a probable attack on a FARDC position.
"No position of the Armed Forces has been attacked, we have launched operations since yesterday and the routed millitarians have clashed with our elements of the Armed Forces in this area. Moreover, this allowed us to capture 5 of them and currently military operations continue with the objective of neutralizing and erasing this movement in the area "he explained. 
He calls on the local population to be calm, not to panic and to support his army with the end goal "to silence the guns in this land".
The territory of Irumu is currently facing several abuses against the civilian populations on the part of several groups of militia griupss, in particular the Ugandan ADF rebels active in neighboring North Kivu, the FPIC commonly called "Chini ya Kilima", the militia. self-defense

Wednesday, August 19, 2020

MONUSCO launched a police training session for police trainers at Jules Moke school in Bukavu

The United Nations Organization Stabilization Mission in Congo (MONUSCO), through its police (UNPOL) launched on Monday, August 17, at the Jules Moke police school in the commune of Bagira in the city of Bukavu (South Kivu), a training session for trainers of the Congolese National Police (PNC), for the benefit of 40 executives and agents of this institution.
“This training aims to provide the province of South Kivu with a reserve of well-equipped PNC trainers to transmit knowledge to managers and agents during future training sessions. It will last until September 9th. Likewise, since August 10, the United Nations police have been training the commanders of the large units of the PNC South Kivu on human rights and the management of law and order, ”MONUSCO said in its account. rendering of August 19.
In Goma (North Kivu), 25 elements of the PNC attended a training course on "general intelligence" from 8 to 12 August 2020. The United Nations Police (UNPOL) organized this workshop with the aim of increasing their knowledge of intelligence exploitation and transmission methods.
“In Kananga, in Kasaï-Central, from August 17 to 22, 2020, UNPOL is developing the educational skills of inspectors from the branch of the General Inspection (IGPNC) of Kananga, and from August 11 to 20 in Tshikapa, are trained respect for human rights in the management of public order 50 PNC agents ”, adds the report.
In all, according to this report, 1,316 PNC executives and agents, men and women, were trained between January and August 2020, despite the Coronavirus pandemic. And this, on thematic axes such as policing techniques, professional technical intervention gestures, road traffic, general information, community policing, child protection, violence based on gender and the judicial police.

4 new deaths from confirmed cases of Ebola virus disease are recorded in Ecuador, including 2 in Lolanga Mampoko in Boyeka, 1 in Ingende in Botakola and 1 in Mbandaka in Ipeko.


This was reported by the latest epidemiological bulletin of this disease which is rampant in this province of the Democratic Republic of Congo, of August 17, 2020, made public last Tuesday.
The same source adds that 5 new confirmed cases of Ebola virus disease have been identified in this province, including 2 in Lolanga Mampoko in Boyeka, 1 in Ingende in Botakola and 1 in Mbandaka in Ipeko.
No new people have emerged cured from Ebola treatment centers in Ecuador.
“Since the start of the epidemic declared on June 01, 2020, the cumulative number of cases is 94, of which 90 are confirmed and 4 are probable. In total, there were 41 deaths including 4 probable and 37 winners of EVD (Ebola virus disease, editor's note) ”, specifies the same bulletin.

China revealed a new glide bomb similar to the US’ Joint Stand-Off Weapon (JSOW) that is being touted as a munition that can “effectively paralyze an airfield in one shot.

A report by China Central Television (CCTV) has revealed a new glide bomb similar to the US’ Joint Stand-Off Weapon (JSOW) that is being touted as a munition that can “effectively paralyze an airfield in one shot.”
On Saturday, CCTV reported on a new “guided glide dispenser bomb” being fielded by the People’s Liberation Army (PLA) that could wreak havoc on enemy airfields and choke points.
According to a report by the Shanghai-based outlet Eastday , the bomb has a range of roughly 60 kilometers, which it can reach by extending glide fins after deployment. The weapon can carry some 240 submunitions of six different types that disperse over the target, covering an area of up to 6,000 square meters, or about 1.5 acres, according to a lead engineer at China North Industries Group Corp (NORINCO), the bomb’s manufacturer.
500 kilo Munition Dispenser, capable of carrying cluster and other guided munitions. Chinese Verison of The JSOW

“A typical munitions dispenser like this can disable an airfield for an extended period with only one shot, because the sheer number of submunitions means the whole runway will be destroyed, and it is also possible that some of the submunitions will be mines, which will make attempts to repair the runway very risky,” the Global Times reported, paraphrasing a military expert.
That makes the new bomb much like the British JP233 anti-runway penetration bomb, which deployed both tarmac-wrecking bomblets and hand grenade-like munitions for repair crews to stumble upon later. However, unlike the JP233, which had to be deployed manually by a Tornado jet making a terrifying low pass directly over the airstrip, a Chinese aircraft could drop this glide bomb safely from dozens of miles away.
Under ideal conditions, anti-runway bombs can be war-changing. The Israel Defense Forces, which pioneered the bomb type, used them to devastating effect in Operation Focus during the early hours of the 1967 Six-Day War, destroying almost the entire Egyptian Air Force while it was sitting on the ground.
The Drive also noted that, like the American JSOW, the Chinese weapon could also be used for suppression of enemy air defenses (SEAD) by replacing the bomblets with a single huge warhead. With the CCTV footage showing a launch from a Shenyang J-8 fighter long used by the PLA in a SEAD role, the possibility of it filling this role cannot be dismissed.
According to the Global Times, the J-16 and JH-7 strike aircraft and the H-6 bomber can carry the weapon.

kalshinikov company to demonstrate a rifle that can sync with mobile phones and other mobile devices

-
Kalashnikov will demonstrate its smart-rifle that can sync with mobile devices at Army-2020 expo, the company said on Tuesday.
According to the arms manufacturer, the new firearm is based on MR-155 smoothbore rifle.
The video on the company's VKontakte page shows the rifle's futuristic design. The new firearm has a collimator sight and a synchronization display.
The expo is scheduled to take place from August 23-29 near Moscow.

Norway has expelled a Russian diplomat on allegations of espionage

Police in Norway detained a 50-year-old Norwegian male, accused of giving secret information to a foreign country that "could harm Norway's fundamental interests", on 15 August. The arrested man allegedly met with a Russian intelligence officer.
The Norwegian Foreign Ministry has decided to expel a Russian diplomat from the country in connection with the espionage scandal, the NRK reported.
According to the report, the diplomat acted in a manner that was "incompatible with diplomatic status".
As the head of the communications department of the Norwegian Foreign Ministry, Trude Maaseide, told NRK, the diplomatic department made the decision because "the Russian diplomat met with a Norwegian spy". He also noted that the name of the diplomat will not be announced, but that the expelled official worked in the trade department at the Russian Embassy.
The Russian Embassy in Norway hasn't commented on the matter.
On 15 August, the Norwegian police security service arrested a person who had reportedly met with a Russian intelligence operative and is suspected of handing over state secrets. The detained Norwegian has refused to admit any guilt and demands to be released from police custody. According to the police security service, he met with a Russian intelligence officer several times. The man could face up to 15 years in prison.
The company DNV GL has confirmed that the arrested person was one of its employees. The company said that he had no access to classified information and that he did not work on any projesct related to defence.

North kivu records the highest number of new Covid19 cases again!

 DRC recorded on  Tuesday 20 new confirmed positive cases for covid 19. According to the bulletin of the technical committee of the response, 12 cases are from North Kivu, 5 in Kinshasa, 2 in Ituri and 1 in Haut Uélé.
Since the start of the epidemic declared on March 10, 2020, the cumulative number of cases has stood at 9,741, including 9,740 confirmed cases and 1 probable case.
13 new people discharged cured in the CTCo and among the patients followed at home in Kinshasa. There have already been 8,895 people cured and 246 deaths (245 confirmed cases and 1 probable case since the start after 3 new deaths of the confirmed cases recorded this Wednesday.
• 213 suspected cases after investigations;
• 293 samples tested;
In its bulletin, the response indicates that the Covid-19 test is free for everyone in the Democratic Republic of the Congo. However, the traveler test costs US $ 30.
The 17 provinces affected:
• Kinshasa: 7,854 cases;
• North Kivu: 563 cases;
• Kongo Central: 429 cases;
• Haut-Katanga: 314 cases;
• South Kivu: 295 cases;
• Lualaba: 94 cases;
• Ituri: 90 cases;
• Haut-Uélé: 44 cases;
• Tshopo: 27 cases;
• Nord-Ubangi: 9 cases;
• Ecuador: 6 cases;
• Kwilu: 6 cases;
• Sud-Ubangi: 5 cases;
• Haut-Lomami: 1 case:
• Kasaï: 1 case;
• Kasaï Central: 1 case;
• Kwango: 1 case.

Suspected ADF rebels ambushed road users on Mbau-kamango in Beni and killed 7

Suspected ADF rebels ambushed users of the Mbau-Kamango road in Beni territory in North Kivu late Tuesday, August 18, 2020.
According to Esdras Mathe, president of the Youth Council in the Beni-Mbau sector had to say, the provisional report shows 6 people killed including two security elements at Kilometric Points 18 and 19 in the Beni sector. -Mbau.
Official sources speak of 7 dead.
"So far, we have recorded 7 dead. There are civilians including those of Beni-ville and Oïcha or even security elements who died during this ambush. Some bodies have already been transported to Oïcha and Beni-ville. Others would still be at the scene of the tragedy, "said Nicolas Kikuku, burgomaster of Oïcha commune.
The victims killed left the city of Beni for the region of Watalinga in the same territory.
The association of Taxis-motorcycles and cars has decreed a "taxi-free day" throughout Beni from Wednesday August 19, in order to sympathize with the families of people who fell in this ambush.There is increased attacks by ADF rebels in this territory and it is believed that they have mastered the deployment schedules and movements of FARDC,and it us why they hit their targets easily who are mainly innocent civilians.

Tuesday, August 18, 2020

5 killed by ADF in a Tuesday attack


5 people, including two soldiers, were killed in an ambush attributed to fighters of Allied Democratic Forces (ADF) on Tuesday, August 18, at kilometer point 18 (PK18) on the Mbau-Kamango road, in Beni territory. (North Kivu).
According to local civil society, among the victims are two soldiers and two women. Janvier Kasairyo, one of the representatives of civil society in Beni territory who said that most of the civilian victims came from the locality of Kamango for the town of Beni.
The bodies were lifted from the scene of the tragedy and are currently in the morgue of the Oicha General Hospital, the same source adds.
Not far from there, at kilometer point 27 on the same road, the army confronted a group of ADF fighters at 12 noon local time. After a few minutes of clashes, the attackers stalled.
"Our troops have activated the combat patrol in the area to put an end to these terrorists, who are trying to avenge the surgical strike they had in the Banande-Kainama group," said Anthony Mualutchayi, spokesperson for Sokola operations. 1.
This is the second rebel attack that claims victims every week. Four civilians were killed last week by Ugandan ADF rebels at kilometer point 16.

M23 in Plans of massive attacks on Sake,Goma,Butembo and Bunia, and rumours all over DRC unconffirmingly have Uganda implicated in this act!

 They have been a lot of claims that M23 rebels are about to lay dangerous attacks on the city of Saké as well as the towns of Goma and Bute...