Rayhunter: Recording PCAPs from Stingrays With a $20 Hotspot
Cooper Quintin, Will Greenberg
ShmooCon XX (Final) · Day 2 · Build It
In an era of increasing digital surveillance, the ability to reliably detect sophisticated tools like IMSI catchers—often referred to as Stingrays or cell site simulators—is paramount. This talk, presented by Cooper Quintin and Will Greenberg of the Electronic Frontier Foundation (EFF) at ShmooCon, unveils **Ray Hunter**, an innovative and remarkably affordable solution for identifying these covert surveillance devices. The project leverages a $20 rooted mobile hotspot, transforming it into a powerful 4G IMSI catcher detector capable of recording raw cellular traffic for in-depth analysis.
AI review
This talk presents a genuinely clever and highly impactful approach to detecting IMSI catchers (Stingrays) on 4G networks. Instead of relying on expensive SDR setups, the EFF team leveraged a $20 rooted mobile hotspot and the Qualcomm diag protocol to create Ray Hunter, an accessible tool for journalists and activists. While some heuristics are still maturing, the identification of the "wallet inspector" attack and its real-world detection near politically sensitive locations demonstrates concrete, actionable research that directly addresses a critical surveillance threat.