GoKawiilToronto police arrested three people involved in an SMS blaster scheme, in which the suspects drove around downtown Toronto with the devices running in the backs of their cars. These appliances mimic cell sites, intercept phone signals, and are used to send fraudulent text messages. The Toronto Police Service said in a news conference streamed on YouTube that this is the first-of-its-kind operation in Canada, and that the threat had ceased once the operation was broken up. Still, the authorities warned that people should remain vigilant, as they can still receive fraudulent texts via traditional channels.
Canadian investigators discovered that the perpetrators had infiltrated tens of thousands of mobile devices connected to the SMS blaster. It recorded 13 million network disruptions. Affect devices were restricted from accessing legitimate cellular networks and emergency services such as 911.
An SMS blaster works by impersonating a cellular network base station, with nearby handsets automatically connecting to it because it's closer and offers a stronger signal than legitimate cell towers. The operators can then send texts that impersonate legitimate institutions to all phones connected to their fake cell site. The fake SMS that these machines send out appear to come from official sources, such as showing the name of a bank or local government, rather than a phone number or contact.
Article continues below
Because the message appears to come from institutions, victims are more likely to trust it and tap the link sent to their phones. From there, the targets are then routed to a website designed to steal their credentials or make them pay fraudulent charges. This is called smishing, and the SMS blaster enables attackers to reach tens of thousands of potential victims directly, without going through official networks. This allows them to bypass protections put in place by telecommunications providers and access the SMS inboxes of people in the vicinity.
@TorontoPolice News Conference | Project Lighthouse | Thursday, April 23rd, 2026. 10:30am - YouTube Watch On
“What makes this particularly concerning is the scale and impact,” Toronto Police Deputy Chief Robert Johnson said. “This wasn’t targeting a single individual or business. It had the ability to reach thousands of devices at once. And beyond the financial risk, there are real public safety implications. For instance, when devices are diverted from legitimate networks, even briefly, it interferes with a person’s ability to connect to emergency services.”
The Canadian authorities did not release a photo of the actual device they captured, though. Detective Sergeant Lindsay Riddell said, “The ones we seized in Toronto were uniquely built, and we’re not sharing those publicly for safety reasons.” While cheap SMS-only blasters are primarily used for mass smishing attempts, a different class of devices that operate similarly can pose a threat to national security. IMSI catchers also intercept phone signals, but instead of just sending out fake texts, they can route phone signals from the legitimate network through them. This could potentially allow them to record voice calls and capture device metadata.
The police say that this SMS blaster operation was the first one ever recorded in Canada, but other nations have been dealing with these for years now. In fact, Philippine authorities arrested two Chinese nationals in February this year, operating a similar scheme in which hired drivers carried IMSI devices in the back of their vehicles while loitering near key government installations, military bases, and even the U.S. embassy.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors
... continue reading