Stealth Phones: your complete guide
  • Home
  • The List
  • The Black List
  • About
  • Contact
  • Blog

New Stealth Phones: XCell Dynamic IMEI v4, XCrypt and XCell Pro

3/3/2019

6 Comments

 
We are back after a long holiday, with a good news for stealth phones enthusiasts: back in 2018 XCell Technologies has launched a new product range: Law Enforcement Product Line. It comes with 3 different improved stealth phones: XCell Dynamic IMEI v4, XCrypt and XCell Pro.
Picture
XCell Technologies claim that "new XCell Stealth Phone versions are not available on the website for public use, due to NDA agreements with certain law enforcement and intelligence agencies". However, private persons can buy small quantities by direct email orders.
- XCrypt, a military grade SMS encryption Stealth Phone which combine active security measures (dynamic IMEI) and passive measures (SMS encryption). The phone can send/receive standard/unencrypted SMSs to/from any other cell phone.
 - XCell Dynamic IMEI v4 Stealth Phone: will come with newly added Security Suite (cryptoTRACER v2.0, Interception Instant Check, Sandbox v2 and C2 Monitoring).
 - XCell Pro: same as XCell Dynamic IMEI v4 Stealth Phone, but with a revolutionary and absolutely unique function: IMSI Change. This will be our next flagship product. A real weapon when used in a smart way. Also, cryptoTracer v3.0 will run on this device.

Please see below a few specs:

Picture
New launched XCell Stealth Phones are using a few patented and proprietary methods in order to detect call and SMS interception performed by any means, methods which have been developed close to our main clients - law enforcement and intelligence agencies. We have to admit that all new special functions has been not only suggested by them, but intensively tested by our main clients (the above ones) on various interception systems before public release. Moreover, XCell Stealth Phone has positively passed security audits from 3 different third party security audit companies. We are proud to say that our programmers and engineers, former or active IMSI Catcher and GSM Interceptor developers has done their best, releasing not only the most secure cell phones, but an unique piece of technology in the field of anti-interception devices, condensed in a innocent look like cell phone. Used in a smart way, XCell Stealth Phones can be a real weapon in tactical field.
 
About Interception Systems

1. Active and semi active interception is easily detected due to the method by which this interception is done. The handset will detect any lack of standard GSM encryption (A5/1) generated by any active and semi active interceptors.

2. Newest GSM Interceptors, instead of "no ciphering" (A5/0), will lower encryption level from standard A5/1 to weaker A5/2 encryption algorithm (which can be decrypted in real time) managing this way to trick most of "secure" devices that claim to detect interception. XCell Stealth Phones will trigger Interception alert whenever will detect such low encryption, by displaying a yellow icon lock on top of the screen (instead of green lock icon):
Picture
No other secure phones are capable to detect and display this kind of critical information.
However, most used interception systems nowadays are active and semi active (most of them are mobile systems), due to the high rate of success when it comes to call interception and also because interception warrants are not really required.

3. Lawful interception (also known as network switch based interception, SS7 interception or interception based on operator help) is made by using a special hardware installed on operator side at HLR/VLR level or most common at SS7 level (network switch), by law enforcement agencies. When a phone call or SMS is diverted by such hardware, will generate a specific delay due to hardware latency. Our proprietary algorithm called cryptoTRACER® is detecting this latency, alerting user when a phone call is monitored by SS7 means.
 
Special phone functions, explained

  1. Dynamic IMEI (available for XCell Pro, XCell Dynamic IMEI v4 and XCrypt)

    All IMSI Catchers, GSM Interceptors and SS7 Interception Systems are using mainly phone IMEI in order to perform call interception.
    Phone unique ID (IMEI) will be automatically changed after every single call or SMS, based on a special algorithm that generates valid IMEIs. Also, the user can set up a custom IMEI. Advantages of using a custom IMEI are explained in User Manual. By enabling Dynamic IMEI function, is like using a new cell phone for every outgoing and incoming call and SMS.
    Legal note: original IMEI can be restored at any time by the user, by simply selecting “Use original IMEI” option.

  2. A5 tracer (available for XCell Pro, XCell Dynamic IMEI v4 and XCrypt)

    All communications on GSM networks are encrypted by default, using a stream cypher called A/5. In order to perform call interception, GSM Interceptors will disable network encryption or (the newest systems) will lower encryption level from A5/1 to weaker A5/2 which can be decrypted in less than a second.
    The phone will permanently monitor standard A5/1 GSM encryption (provided by the GSM network), triggering alerts whenever lack of encryption or encryption switching will be detected, alerting this way the user about call interception before making a call or answering a phone call.

  3. CryptoTracerⓇ (available for XCell Pro, XCell Dynamic IMEI v4 and XCrypt)

    Beside IMSI Catchers and GSM Interceptors which are small and mobile (sometimes vehicle mounted)  interception systems, law enforcement are using so called Lawful Interception (SS7 Interception or Interception by operator help), a special hardware connected directly to GSM core network (at network switch level).
    CryptoTracerⓇ is a unique function based on XCell proprietary algorithms which can instantly detect lawful interception attempts, alerting user whenever calls and SMSs are intercepted by SS7 means.
      4. Anti Interception (available only for XCell Pro and XCell Dynamic IMEI v4)

When enabled, Anti Interception function will simply block any outgoing and incoming calls and SMSs, as long as interception is detected by the phone. The phone will remain silent during interception attempts.
 
      5. UnPing (available only for XCell Pro and XCell Dynamic IMEI v4)

In order to locate the phone, law enforcement are sending to the phone so called Location Tracking Pings (LTP), which basically are malformed SMSs (invisible on ordinary cell phones, no matter the brand, price or technology used), usually by using GSM network. In response to received ping, an ordinary phone will send back his GSM location data (not to be confounded with GPS tracking) consisting in tower Cell ID data, which actually means the tower GPS position on which the phone is connected to.
When UnPing function is enabled, XCell Stealth Phone will:
a. trigger alerts whenever a Location Tracking Ping is received
b. block responses to received LTP, hiding this way the phone location. Certain special settings are involved.
Location tracking alerts are displayed on phone home screen, being also stored on a text file.
 
 
      6. Kc (ciphering key) extraction alert (available only for XCell Pro and XCell Dynamic IMEI v4)

GSM Interceptors (semi active ones), in order to decrypt intercepted phone calls, need to know ciphering key (Kc) which is stored on the SIM card. In order to get Kc off the SIM, a GSM Interceptor will send to the phone so called challenges (special pings, other than LTP), to which the phone will reply with parts of ciphering key. Depending on GSM Interceptor type and brand, 5 to 20 pings needs to be sent to get a complete ciphering key.
XCell Stealth Phones will alert the user whenever such a ping is received, displaying alerts on phone home screen. Alerts history is saved on a text file.

       7. Channel lock (available only for XCell Pro and XCell Dynamic IMEI v4)

A cell tower and a mobile phone are communicating by using a pair of radio channels (uplink and downlink), called ARFCN. Every cell tower is using different ARFCN, because of the GSM network requirements. When a cell phone moves from a cell tower on another, will change ARFCN (which is called handover). An IMSI Catcher or GSM Interceptors which basically are fake cell towers, will add a new ARFCN to local GSM network, in order to force the phones within area to connect to the “new cell tower”, performing this way call interception.
When enabling Channel lock function, XCell Stealth Phones will lock on a certain real cell tower, preventing this way a connection to any other cell tower, including fake ones (IMSI Catchers, GSM Interceptors). More info on User Manual. Phone handover will be blocked, so the phone will remain connected on the real GSM network.

         8. Location spoofing (available only for XCell Pro and XCell Dynamic IMEI v4)

Mobile phone location tracking is based on the cell towers on which the phone is connected to. A cell phone can “see” 6 neighboring cell towers at a time (or less, depending on the area), and law enforcement is using this info in order to calculate accurately the cell phone location (+/- 5 meters) by using so called GSM triangulation procedures.
XCell Stealth Phone users can effectively hide (spoof) the real phone location, by using this special function. The phone will spoof location whenever is static or on the move, by randomly connecting on cell towers. This way, the phone will appear to be 1 to 10 Km away from its real location (depending on the network cell towers density).
For location spoofing, XCell Stealth Phones does not need to use Internet connection and/or third party servers, being a built-in feature. More info on User Manual.
Also, XCell Stealth Phones have no GPS modules, adding this way an extra security layer.

        9. TMSI monitoring (available only for XCell Pro and XCell Dynamic IMEI v4)

Because IMSI (SIM card unique identifier) sending out to the network should be prevented for security reasons, the network will allocate instead IMSI, a temporary IMSI called TMSI. Based on GSM regulations, TMSI have to change on every phone restart, and when the phone is changing LAC (Location Area Code).
Once connected to a GSM Interceptor, the phone will display the same TMSI after restarting, due to low computing capabilities of the GSM Interceptor, compared with a GSM network.
If there are any doubts, the user can restart the phone and checking if a new TMSI pops up on the home screen. If not, that means the phone is connected to a fake cell tower, being at risk. This way, the user can instantly check out of the phone is connected to the real network or to a GSM Interceptor.
 
          10. Clear call log (available only for XCell Pro and XCell Dynamic IMEI v4)

The phone will automatically clear call log, so no call history will be available in case of forensic analysis.
 
           11. Auto call recording (available only for XCell Pro and XCell Dynamic IMEI v4)

The phone will automatically record every single phone call, saving audio files on phone internal memory or SD card. There is no notification recording at the beginning of the call, or an audible beep-tone for secret recording. Own call recordings are useful when audio editing is used on actual recordings, changing the meaning of the conversation (law suits).
 
           12. SMS military grade encryption (available only for XCrypt)

XCrypt it’s a special software application used to send/receive two kind of messages: standard and encrypted SMSs. Since standard SMSs can be sent/received to/from any other cell phone, encrypted messages can be exchanged only between two or more XCrypt Stealth Phones.
Because XCrypt it’s a part of Operating System and does not run as a stand alone application, it is  not possible to decompile or reverse engineering the obfuscated code, in order to find out which encryption algorithm is used, in order to attempt SMS decryption.
XCrypt does not use for encryption Internet connection and third party servers, but a special partition (Sandbox) that run on the phone.
 
            13. Forensic bulletproof (available for XCell Pro, XCell Dynamic IMEI v4 and XCrypt)

The phones are protected against forensic analysis by volatile USB filters. No forensic device can extract any data or files off the phone. Once connected to a forensic device, PC or service box, volatile USB filters will trigger motherboard self-nuke, and the phone will get in protected mode (permanent boot loop) due to bootloaders auto-delete. If the phone is accidentally connected to a PC for charging purposes, the self-nuke mechanism will be triggered. Only provided wall chargers should be used for charging, being paired with the phones.
 

Security Suite
 
On new launched XCell Stealth Phones we have added a new section: Security Suite. Along with other special functions, all other functions contained by Security Suite run in a separate partition (Sandbox) for a faster operation.

1 - IMSI Change which along with IMEI change function is transforming the phone in a real sophisticated counterintelligence weapon. IMSI Change function does not require any Internet connection, third party servers or monthly subscription. This special function runs locally on the phone (Sandbox partition), being a unique function which no other phones offer at this time.

IMSI Change function allow user to change IMSI value (SIM registration number stored on the SIM card), by keeping the same phone number (MSISDN).
How does it work?
The phone will clone any SIM card inserted (please use only MNO SIM Cards) by using a Sandbox located app: IMSI Virtual Engine. Once cloned, the real SIM will be quarantined, being used instead a virtual SIM card which can change its IMSI by by generating valid IMSI’s. Please note that abusing this function can generate SIM network rejection (network dependent). Use it carefully.
IMSI Change does not work automatically, as IMEI change works. The user should launch IMSI Change every time when a new IMSI is needed, generating a new virtual IMSI and then exiting the application. The new generated IMSI will be used only for the next outgoing or incoming call. After that, the phone will return to original IMSI. If a new IMSI will be needed, the whole process should be repeated.
Please note that MSISDN (the phone number) will not change when using IMSI change function.
Used in conjunction with IMEI change, IMSI change function will transform your XCell Stealth Phone Pro in one of most powerful communications weapon: you will literally have a new phone (IMEI) and a new SIM (IMSI) for every single phone call. Use it with precautions.

2 - cryptoTRACERⓇ, which is a function that can detect lawful interception performed by SS7 Boxes (aka Network Switch Based Interception);

3 - Sandbox
IMEI engine and other software components has been moved in a separate partition (Sandbox) in order to make them working faster and smoother. System restarting has been suppressed in case of any abnormal network characteristics (i.e. generated by IMSI Catchers/GSM Interceptors).

4 - Interception Instant Check
Once launched, the function will start checking both Active and Passive interception, step by step. Regarding interception performed with Active/Semi Active GSM Interceptors, the phone will check:
 
1.    BTS parameters
2.    RSSI
3.    Cell ID
4.    LAC
5.    ARFCN
6.    Ki retrieving attempts (ciphering key stored on the SIM card).
7.    Baseband attack attempts.
 
Regarding interception performed by Passive GSM Interceptors, the phone will check:
 
1.    Uplink.
2.    Downlink.
3.    Will ping HLR/VLR core network, computing network redundancy and abnormal ping delays.
4.    In the end, will generate a Network Security Rating.
 
5 - C1/C2 monitoring
By forcing cell reselection (C2 parameter), Active and Semi Active GSM Interceptors will force any cell phones to disconnect from home network and connect to the rogue BTS impersonated by the equipment. This is called also BCCH manipulation, being used by all modern GSM Interceptors. When launching this function, the phone will:
 
1.    Extract C1 value, from serving cell.
Will compute C2 value by using a special algorithm, the same used by any GSM network
2.    Will look for at least other 6 neighboring cell towers, ordered by RSSI value.
Will compare C1 to C2.
3.    Will trigger alert if no neighboring cells are found (a clear indication that a GSM Interceptor is active within area).
Will look for CPICH, RSCP and BCCH.
4.    Will display forced handover attempts (if any).
5.    Will display Channel lock fails (if any).
 
 
XCell Pro, XCell Dynamic IMEI v4 and XCrypt comes in 3 flavors:

  • Branded version (XCell logo, XCell URL, XCell homescreen, XCell boot animation and shut down animation, etc.)
  • Unbranded (white label) version. Generic phone, will be delivered under Samsung brand name. No reference to XCell, no XCell logo.
  • Customized version, based on customer requirements.

On demand, XCell Technologies provide the following:

- unbranded or customized user manual (no reference to XCell);
- unbranded cell phones (hardware and software) and boxes (no XCell logo).
- customized cell phones (hardware and software) with reseller logo.
  
Full phone customization (special branding) involve an extra payment of 2500 euro. This include:
 - welcome screen (with your company logo and URL)
 - welcome animation (your company logo animation)
 - shutdown animation (your company logo animation)
 - phone home screen with your company logo.

On customer request,  Stealth Phones can be delivered without any brand name, in generic boxes and without any reference to the XCell Technologies. We can print on the phone and box any brand name you want (brand name of your business for example, or a trade name chosen by you).
6 Comments
Ayhan Sak link
9/7/2019 11:40:35 pm

Hello I'm interested in buying the
V4 X-Cell Cell phone could you let me know payment details and prices and delivery.

Reply
Stealth Phones link
9/8/2019 07:07:22 am

Hi Ayhan.
As you can see on our website, we do not sell any Stealth Phones. We only test them, revealing fake ones.
You should contact Xcell Technologies, which is genuine Stealth Phone manufacturer. Please go here: https://x-cellular.com/contact-us.php

Reply
Jake
3/4/2020 10:22:26 pm

Hey I recently tried to access your website and it redirects me to some spam page, are you guys still in operation?

Reply
Anders
3/5/2020 09:06:35 pm

Then how did you get on our blog page, writing this comment?
Try a better one :)

Reply
Daniel Gordon link
9/7/2020 09:20:32 am

Interested in buying one of your phones

Reply
Stealth Phones link
9/7/2020 11:22:41 am

Hi.
We do not sell any devices. You might contact the manufacturer: https://x-cellular.com/contact-us.php

Reply

Your comment will be posted after it is approved.


Leave a Reply.

    Author

    Stealth-phones-guide.com

    Archives

    March 2019
    August 2016
    February 2016
    October 2015
    June 2015
    May 2015

    Categories

    All
    10 Functions Scam
    2016 Stealth Phones
    2019 Stealth Phones
    Android Stealth Phone
    Anonymous Sim Card Scam
    Anti Eavesdropping
    Anti Interception
    Anti Stingray
    Antitap.com
    Anti Wiretapping
    AUDIO VIDEO INTELLIGENCE CORPORATION
    Authentic Stealth Phone
    Basic Stealth Phone
    Blackstone-security Scam
    Cell Phone Interception
    Change Imei Free Software
    Change Imei Phone
    Change IMSI
    Counterfeit Change Imei Phones
    Counterfeit Untraceable Phones
    Couterfeit Stealth Phones
    Dual SIM Stealth Phone
    Dynamic Imei Phone
    EBay Stealth Phone Scam
    Encrypted Smart Phone Scam
    Entry Level Dual Sim Burner Phone Scam
    Fake Imei Changer
    Fake Stealth Phones
    Fix.mobile.to.work
    Free Samsung G600 Stealth Phone Firmware 7 Unctions
    Free Stealth Phone Firmware
    Genuine Stealth Phones
    Gsm-interceptor.co.uk
    Imeichanger.com
    JD Mobile Unlock Service
    MLSP
    Multy Layer Security Protocol
    Multy-Layer Security Protocol
    Nokia Stealth Phones
    OneTech International Co
    Original Stealth Phone
    Real Change Imei Phone
    Real Stealth Phones
    Real Untraceable Phone
    Samsung G600 Stealth Firmware
    Secretgsm.com
    SHX Trading SRO
    Siemens R32 Scam
    Siemens-sl-75-scam
    Siemens Stealth Phone Scam
    SMS Encryption
    Spdirect
    Spystore Ireland
    Stealth IPhone 5 Scam
    Stealth Phone
    Stealth Phone Free Software
    Stealth Phone Scam
    Stealth Phones New Release
    Stealth Phone Software
    Stealth Phones That Work
    Stealth Phones Trick
    Stealth Phone V4 Scam
    Stealth Samsung S4 Duos Scam
    Stealth Samsung S5 Scam
    Stealthtronic.com
    Ultra Secure Messaging
    Ultra Tough Anti Tapping Phone Scam
    Untraceable Phone
    Untraceable Phone Free Software
    Untraceable Phone Scam
    Untraceable Phone Scam Wiretapping Detection
    VHF Stealth Dual SIM Anti Tapping Phone Scam
    Wiretapping Detection
    Witz.end.solutions
    XCell Basic V3
    XCell Stealth Phones
    XCell Technologies 2016
    XCell Technologies New Release
    ZOPO Anti Interception Phone Scam

    RSS Feed

Stealth Phone Scam: a reality that you need to know