Nauman Khan

Telecom Threat Management Lead Consultant

stc

Nauman Khan specializes in Threat Intelligence & Offensive Security for 2G–5G networks. With over two decades in the telecom industry, Nauman excels at intelligence gathering, threat analysis, security assessments, and the art of connecting the dots.

Speaker sessions

Blasting Through Defenses: The Rise of SMS Blasters Beyond Stingrays in the Middle East

SMS Blasters represent a critical, evolving threat that's rapidly bypassing traditional and modern mobile network defenses. These sophisticated devices, an evolution far beyond conventional IMSI catchers (Stingrays) and Fake BTS, mimic legitimate mobile towers to lure mobile phones into connecting. Their primary exploit lies in forcing devices to downgrade to less secure 2G/3G networks, allowing them to inject high volumes of unsolicited and malicious SMS messages directly onto devices, completely bypassing Mobile Operator's anti-spam and anti-fraud systems.This session will explore the evolution of this threat, tracing its journey from Asia Pacific to Europe and now to the Middle East. We'll then dissect the technical modus operandi of SMS Blasters, exploring how they weaponize rogue cellular towers for mass smishing, financial fraud, and even sophisticated social engineering campaigns. We will delve into the critical vulnerabilities they exploit in mobile network protocols, particularly the often-overlooked weaknesses in 2G/3G Networks, and discuss their increasing commercialization, which makes them accessible to low-skill attackers. Crucially, the profound impact of this threat on National Security, Mobile Network Operators (MNOs), and Mobile Users will be thoroughly examined.The Middle East has become a recent and significant target for this threat, with documented incidents across multiple countries. Attendees will gain a deep understanding of this emergent landscape, learning to identify the signs of SMS Blaster activity — both as a mobile operator and a mobile user — and discover potential mitigation strategies to protect their networks and mobile devices.