“An SMS blaster works by mimicking a legitimate cellular tower. When nearby phones connect to it, users receive fraudulent text messages that appear to come from trusted organizations,” explains the police.
Project Lighthouse: how the investigation began
Canadian authorities opened an investigation they named “Project Lighthouse” in November 2025 after receiving tips about suspicious activity in downtown Toronto. Police say the inquiry identified equipment that impersonated cellular towers to push phishing SMS messages to nearby phones. The agency described this as the first time such a device has been spotted in the country.
How the SMS blaster technique functions
According to the police, the devices operate by emitting signals that mimic a legitimate cellular tower. Mobile phones within range automatically link to these rogue base stations because the signal appears stronger. Once connected, operators can push SMS messages directly to affected devices; the messages appear to come from trusted entities such as banks or the government.
Police explained that no phone numbers are required for these messages to be sent—only that targets be within range. In densely populated areas, that allows practical mass distribution, which is why operators and investigators call the tool a “blaster.” The messages often prompt recipients to click links that lead to fake websites designed to capture personal information, including banking credentials and passwords.
Police actions, seizures, and arrests
Searches were conducted in Markham and Hamilton on March 31, during which police say they seized multiple SMS blasters and other electronic devices. Two suspects were arrested at that time. A third man turned himself in on April 21. Investigators reported that the equipment was operated from vehicles, which allowed the operators to move across the Greater Toronto Area and target large numbers of people.
Police estimate that during the SMS blaster’s operation there were about 13 million cases of mobile network entrapment—phones temporarily forced onto the rogue stations.
Impact on users and emergency services
Beyond the phishing risk, the police note a direct safety concern: devices connected to those rogue stations are temporarily disconnected from their legitimate provider networks and cannot reach emergency services if needed. That interruption changes a nuisance or fraud event into a potential public-safety issue for anyone within the blaster’s range at the wrong moment.
What this means for technologists, policymakers, and end users
- Technologists and security teams: the police recommend a practical configuration step for Android users—disable 2G downgrades—as a defensive measure, though they warn that this will not be effective against more advanced setups targeting LTE or 5G signaling.
- Policymakers and regulators: the appearance of a vehicle‑mounted system that can mass‑push phishing messages and disrupt emergency connectivity highlights an enforcement and regulatory problem tied to rogue base stations and mobile-network signaling protocols.
- End users and the general public: police advise treating SMS as an insecure channel—avoid following links received over SMS and use end‑to‑end encrypted channels for sensitive data or communications.
The arrests and seizures close one investigative chapter but raise operational questions about mobile‑network signaling abuse, vehicle‑mounted equipment, and public safety in dense urban areas. Canadian police have framed the episode as the country’s first confirmed use of such a blaster; investigators will likely focus next on how the devices were acquired and whether similar activity exists elsewhere. Read the original reporting here: https://www.bleepingcomputer.com/news/security/canada-arrests-three-for-operating-sms-blaster-device-in-toronto/
