DICT warns public against 'drive-by-hacking’ modus operandi

By Tristan Nodalo, NewsWatch Plus

Published Jan 7, 2025, 5:08:59 PM

enablePagination: false
maxItemsPerPage: 10
totalITemsFound:
maxPaginationLinks: 10
maxPossiblePages:
startIndex:
endIndex:

Metro Manila, Philippines - Scammers and hackers have stepped up their game using advanced tactics to target more victims through text messages, according to the Department of Information and Communications Technology (DICT).

In a press briefing, Information and Communications Technology Secretary Ivan Uy issued a warning about a new modus operandi called “drive-by hacking.”

In this method, scammers drive around public areas with specialized equipment designed to trick mobile phones into connecting to their devices instead of legitimate cell towers.

"We are acquiring new systems and equipment to address this because these scammers continuously improve their tactics and acquire new tools," said Uy.

He explained the mechanics of the new hacking technique.

"Now, they’ve acquired new devices that don’t even need to access the network directly. It’s like a 'man-in-the-middle' attack. When you open your cellphone, you think you’re connecting to the telco’s cell site, but in reality, you’re connecting to the hacker's device, which mimics a cell tower. The hacker brings equipment that pretends to be a cell tower, and that's how they intercept your number," Uy said.

[Translation: Ngayon, nakakuha sila ng mga bagong kagamitan na hindi na kailangang kumonekta nang direkta sa network. Parang isang 'man-in-the-middle' na atake. Kapag binuksan mo ang iyong cellphone, akala mo kumokonekta ka sa cell site ng telco, pero ang totoo, kumokonekta ka sa aparato ng hacker na nagpapanggap na isang cell tower. Nagdadala ang hacker ng kagamitan na nagpapanggap na cell tower, at doon nila nakukuha ang iyong numero.]

The DICT chief noted that the agency has caught a number of hackers using this tactic, especially during the holiday season when mobile phone activity was high.

"So, now the hacker knows, 'Oh, this number is active.' All they have to do is park their car with the equipment and wait. We've caught many of them – we call it 'drive-by hacking.' They load the equipment into their vehicle, drive around, and park outside buildings, often near malls," he added.

[Translation: Ngayon, nalalaman ng hacker, 'Ah, active itong number na ito.' Ang gagawin lang nila, ipapark nila ang kanilang sasakyan na may dalang kagamitan at maghihintay. Marami na kaming nahuli na ganito – tinatawag namin itong 'drive-by hacking.' Ipinapasok nila ang kagamitan sa sasakyan at nagmamaneho sila sa paligid, madalas sa labas ng mga malls.]

Once the hackers have captured the phone numbers, they send out seemingly legitimate text messages.

"Once they capture all those numbers, they now send a text blast, making it look like the message is from a trusted source — such as a bank, a telco, or a credit card company — to trick you into believing it's legitimate communication," Uy said.

The DICT also revealed how the equipment is brought into the country and its purpose.

"Most of this equipment is actually smuggled because it’s illegal, but sometimes these same devices are used by politicians, especially during election seasons. They use them to send out mass campaign messages. These are the same types of devices that scammers and hackers are now using," Uy noted.

In response, the DICT has begun acquiring new equipment to counteract this growing threat.

Latest from this section

LRT operator confirms fare hike proposal

nwp-website

©️ Broadreach Media Incorporated 2024. The NewsWatch Plus Philippines name, logo and all associated elements have trademark. ™️ All rights reserved.