A recent Secret Service raid uncovers an insane network of SIM cards—along with the oddest piece of hardware I’ve ever seen. Here’s the deal with the SIM bank.
When I learned that the Secret Service had taken down a giant “SIM farm” in the NYC area, I immediately had two thoughts: One, “Wow, that sounds like the reason we all get so many scam calls.” And two, “Holy crap, what is that weird-ass piece of hardware?!?!??!?!??!?!??!?!?”
You must understand, dear reader, the bizarre gear they were using. I’ve never seen anything like it before.
Much will be written about the threat to the telecom system, which is the angle the Secret Service is taking, as it was uncovered right around the time of a United Nations General Assembly meeting. I want to know the deal with the hardware itself.
You know the old board game Guess Who? You know, with the cards that stick up, and the other player has to guess what faces you have? Imagine that times 100, but with the cards a 20th of the size of the Guess Who cards, and add a whole freaking ton of antennas into the mix, and you have this crazy-ass device, the niche-iest of niche electronic devices. Each device holds numerous SIM cards, which means that someone had to pop out thousands of SIMs to put in these boxes, presumably one at a time.
Fortunately for us, the U.S. Secret Service gave us a picture of that insanity, too:
So basically, we have a device that is intended to hold literal hundreds of SIM cards, and apparently the people who ran this network had literal racks of these machines. They have this almost magical sense of symmetry to them, which makes them highly attractive to nerds like me. It reminds me of Aereo, the noble (but failed) attempt to use thousands of tiny antennas to capture broadcast television signals to resell online.
So, what the heck is this thing, why did they have so many of them, and how come you’ve never seen them before?
The short answer: It’s a device called a “SIMbank” or “SIM gateway,” often attached to a “SIM pool,” which gives all those SIM cards access to a cellular network.
The longer answer: The devices in the Secret Service photo, apparently made by a Chinese company called Ejoin Technology, are used in VoIP settings to handle lots of SIM cards. Ejoin says they produce the devices for what it calls “SMS and voice gateway solutions.” In other words, these boxes made it possible to mass-text and mass-call people. They are not cheap devices, costing in the thousands of dollars. And that’s before you get in the business of purchasing all those SIM cards.
The exact devices that the Secret Service found are sold by Ejoin for an eye-watering $3,730. Here’s a press image of one:
With devices like these, you can text someone at one number and immediately switch to another using the same cellular line, as if you changed area codes on the fly. Which sounds great for marketing, but also great for spam, and even better for harassment.
(It should be noted that Ejoin is not alone in selling these. I also spotted them being sold by Etross Telecom, OpenVox, and China Skyline Telecom. These are defiantly obscure but presumably have a use case.)
If you think these devices seem sketchy, apparently Alibaba does as well. If you look up messages on Alibaba for Ejoin Technology’s products, you get a generic logo, and this message that appears:
Due to the website’s compliance with specific regulations or policies in China, product information is no longer publicly displayed, but purchasing or payment operations can still be carried out. If you require detailed product information or link, please contact the sales department OR move to Ejointech official Website.
So, if you buy these objects via Alibaba, you are literally buying a $3,700 device from a black box. On the plus side, going to Ejoin’s website, you can actually see screenshots of the tech in action:
In this context, these are basically spam machines, and whoever ran this network—whether a state actor or a criminal scheme—had dozens of them, each costing the price of a high-end laptop. The SIM cards themselves probably cost like $5-$10 a piece, maybe more, which means that just filling them up with cards likely cost thousands more. Plus, there’s the manual labor of it all. 256 SIM cards don’t put themselves into a SIMbank.
(Side note: When I searched for information on how to buy bulk SIM cards, one of the first sites that came up was a black-hat hacking forum in which a user asked the very same question. Which, to my friends in the black-hat hacking world, hello.)
Now, to be clear, there are some legitimate reasons for users to have them, particularly for testing and quality assurance across networks. (Say, if you’re concerned that your app might work differently on Verizon than it might on AT&T or T-Mobile, or if you’re doing a lot of edge computing. Perhaps a legitimate VoIP company has a few for whatever reason.) And I did find a user on Medium who posted why they built a SIM bank solution for their marketing team. But illegitimate use cases appear to dwarf the legitimate ones, at least in terms of public attention.
The case in New York is far from unique. Earlier this year, Interpol broke up a SIM bank fraud scheme in South Africa that involved 40 people and more than 1,000 cards. The cards were used to reroute international traffic as local traffic to make the calls look legitimate. And a spate of cases both targeting and based in India have emerged in recent months.
(By the way, if you find this topic interesting, you might want to check out the Indian cybersecurity news outlet The 420, which appears to be on top of this.)
Beyond the sheer scope of SIM cards that the network had, the fact that the Secret Service uncovered the network around New York City is perhaps the most interesting part. It suggests that we might see more tricks like this in the future.
Anyway, if you see one of these boxes lying around somewhere, filled to the brim with SIMs, odds are you might be in the vicinity of something sketchy. (One has to wonder if the rise of eSIMs is designed to make these products obsolete.)
As criminal as they might be depending on the situation, they admittedly look cool.
RIP Billy Hudson, a co-host of the popular YouTube channel The Game Chasers. He meant a lot to the retro gaming community, and went out amid some very serious health issues. A telling thing about Hudson is that the last video he posted before he died, created immediately after undergoing brain surgery, involved him advising his followers not to fall for crowdfunding scams. He didn’t have to do that; nobody would have blamed him. Yet he did.
If you’ve never seen this piece of found media, you’re in for a treat. It’s a video of Elliott Smith performing on Breakfast Time, a bizarre morning show hosted on the original iteration of the FX network. (As the video notes, it was a performance from well before Smith was famous.) After getting peppered with numerous demeaning questions by co-host Tom Bergeron (later of Dancing With The Stars fame), Smith pulls off a performance of “Clementine” that silences the room and presumably made Bergeron rethink his life choices. Oh, there’s a freaking puppet behind him as he’s playing.
I don’t know why the German gummy-makers Haribo are making some of the best power banks on the market, but apparently they are—and serious backpackers love them.
--
Find this one an interesting read? Share it with a pal! And to anyone with one of these devices: Please don’t spam me, thanks.
Maybe weird hardware, but easily available on aliexpress. Y’all need to explore more. Appears to be scrubbed off now but used to be more available.
Tbh, contraptions like this have a long history for gray-market VoIP call termination, but usually in countries where governments charge a lot for incoming international calls as means of fund-raising (or inefficient telecoms) but domestic rates are low.
Merge with https://news.ycombinator.com/item?id=45353925 ?
This guy claims that it's not that suspicious and not a state-backed operation.
I am very familiar with the hardware being used in that operation and Rob is 100% correct.
Someone used an online SMS service to send threatening messages to a member of the Gleichschaltung squad, and the secret service traced the SIM card back to one of these rented apartments. The reason it was linked to a "Chinese state sponsored blah blah blah" is because most Chinese criminal operations in the US have some indirect benefit to the Chinese government, which is why they are allowed to operate.
You could use this hardware to launch some sort of a flooding attack, but given the density all you are going to knock out is the one cell site all your devices are talking to. If China wanted to knock out cell service around the UN they would use the hundreds of thousands of backdoored Android phones in New York to launch a more distributed attack.
I’m not familiar with any of it, so I’m willing to take your word, but doesn’t the scope raise some eyebrows?
Using the prices quoted in TFA they’re talking about $900,000 in servers and another $500,000 in SIM cards, before labor, rent and electricity.
Is that sort of outlay typical for phone scammers?
Also on a technical note, is there an advantage to having all your sites in the NYC area? Is it simply that there’s enough cell traffic that the bad actors’ illicit traffic won’t stand out?
No way, whatever the sim hardware cost is and the sim service per month for the carrier.
NYC is just high density, remember cell means cellular so the towers are configured for high traffic and more fall back, also being easy to go around in general, airports etc
Esims go for $5-10 a month. Hardware is less than 20k max. Apartment and general utilities are a sunk cost.
It was maybe $50k in hardware at each site.
They operate a bunch of cellular modems that send SMS spam, receive SMS verification codes for creating fake accounts, and use the data to act as proxies for web scraping and other nonsense. It isn't criminal, but it isn't exactly ethical either. But it is profitable.
You have to go swap out some of the SIM cards every day to get new numbers, so you need to balance spreading your locations out across multiple cell towers for throughput, but also needing to be within reasonable travel distance.
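An added illustration, not part of the thread and not any carrier's actual tooling: the behaviour described in the comment above (stationary modems, SMS-heavy traffic, SIMs swapped daily, many devices on the same tower) is what a carrier-side heuristic would key on. The record layout, thresholds, cell names and IMSIs (test PLMN 001-01) are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class UsageRecord:
    """One IMSI's daily SMS summary on one cell (hypothetical CDR rollup)."""
    imsi: str
    day: int
    cell_id: str
    sms_out: int      # messages sent
    recipients: int   # distinct destination numbers that day
    sms_in: int       # messages received

# Assumed thresholds; a real deployment would tune these on its own traffic.
FANOUT_MIN = 200        # distinct recipients across the window
ACTIVE_DAYS_MAX = 2     # SIMs swapped out daily live only a day or two
REPLY_RATIO_MAX = 0.05  # almost nobody texts a spam number back
CLUSTER_MIN = 3         # flagged IMSIs on one cell before calling it a farm

def summarize(records):
    """Aggregate per-IMSI behaviour over the observation window."""
    stats = defaultdict(lambda: {"cells": set(), "days": set(),
                                 "out": 0, "rcpt": 0, "in": 0})
    for r in records:
        s = stats[r.imsi]
        s["cells"].add(r.cell_id)
        s["days"].add(r.day)
        s["out"] += r.sms_out
        s["rcpt"] += r.recipients   # summed per day, so an upper bound
        s["in"] += r.sms_in
    return stats

def suspicious_imsis(records):
    """Return {imsi: cell_id} for IMSIs matching all four signals."""
    flagged = {}
    for imsi, s in summarize(records).items():
        stationary = len(s["cells"]) == 1
        short_lived = len(s["days"]) <= ACTIVE_DAYS_MAX
        fan_out = s["rcpt"] >= FANOUT_MIN
        one_way = s["in"] <= REPLY_RATIO_MAX * s["out"]
        if stationary and short_lived and fan_out and one_way:
            flagged[imsi] = next(iter(s["cells"]))
    return flagged

def farm_cells(records):
    """Cells where enough flagged IMSIs co-locate to suggest a SIM bank."""
    by_cell = defaultdict(list)
    for imsi, cell in suspicious_imsis(records).items():
        by_cell[cell].append(imsi)
    return {cell: sorted(imsis) for cell, imsis in by_cell.items()
            if len(imsis) >= CLUSTER_MIN}

# Constructed sample data.
SAMPLE = (
    # Four SIMs, one per day, all parked on the same cell, all blasting SMS.
    [UsageRecord(f"00101000000010{i}", i, "CELL-A", 900, 880, 3)
     for i in range(1, 5)]
    # Ordinary subscriber who moves between cells and gets replies.
    + [UsageRecord("001010000000201", 1, "CELL-A", 12, 5, 10),
       UsageRecord("001010000000201", 2, "CELL-B", 8, 4, 9)]
    # Stationary IoT meter: long-lived and low volume, so not flagged.
    + [UsageRecord("001010000000301", d, "CELL-A", 1, 1, 0)
       for d in range(1, 6)]
    # Lone bulk sender elsewhere: flagged individually, but not a cluster.
    + [UsageRecord("001010000000401", 2, "CELL-C", 400, 390, 2)]
)

if __name__ == "__main__":
    print("suspicious IMSIs:", suspicious_imsis(SAMPLE))
    print("likely SIM-bank cells:", farm_cells(SAMPLE))
```

No single signal is enough here: the meter is stationary and the lone sender has high fan-out, but only the co-located, short-lived, one-way senders on CELL-A form a cluster.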
>Is that sort of outlay typical for phone scammers.
Really yes. If they're just selling VOIP routing to the US, they can sell essentially unlimited amounts of it. The more you invest, the more you profit. Grows organically and exponentially.
Each one of those units is probably ~$6k for the device and sim cards. I don't think there were that many of them in the pictures to add up to $900k.
The article describes 300 servers and 100,000 SIMs across a handful of locations.
In some countries you can find entire office blocks filled with people who do nothing all day but participate in scam enterprises. I don't think the scale of this phone bank, if it's as described, is that surprising really.
They made cold calling illegal in my country. Also you cannot just sell customer data. It made an entire industry disappear and nobody mourned.
But I'm sure some American lawyer would call that a breach of the constitution.
How does your country protect against callers and data sales outside of its jurisdiction?
The SS is either incompetent and watches too many movies or they are deliberately trying to spin this as some state actor terrorism thing.
Does anyone remember the Boston mooninite panic? This is exactly the kind of incompetence I can think of over at the secret service.
ok, fine, then why place it in NYC? it's a mobile phone, it could be anywhere.
NYC has cellular density for bandwidth to be available and enough traffic so this does not raise red flags with mobile operator. Do this in nowhere Oklahoma and providers would probably notice very quickly.
Probably a lot of places to buy MVNO sim cards from with cash as well.
Then why not another tech hub like SV or Seattle?
There are undoubtedly SIM farms there too. They just didn’t happen to catch the eye of the feds yet
Because you happen to live in NYC.
Can’t read it since I don’t have a login there but i’m guessing they buy sims from all over the country and sms on matching prefixes since people will assume a local number is less likely to be spam.
This explains using such a bank. You want to cover as many prefixes as possible and you can’t match area codes with traditional sms services.
You can also see his takes on bsky [1] or the blog he posted there [2]
[1] https://bsky.app/profile/erratarob.bsky.social [2] https://cybersect.substack.com/p/that-secret-service-sim-far...
The second link there is much more meaningful.
I actually did see the tweet in full it turns out. It's just that there's not much content so i figured "oh it's one of those twitter thread chains i can't read".
FWIW I have found him to be a good follow over the years. Unfortunately he mostly only posts on Twitter & not Bsky so I only see his stuff when he crosses over to bsky.
Good post, also they use Quectel because it allows changing IMEI with a single AT command.
These days the way to go is social media proxies. A popular one is xcancel. Just replace the x in the domain with xcancel and you'll land on a proxy site (somebody's Nitter instance to be specific): https://xcancel.com/ErrataRob/status/1970586083374112784
Still not gonna help if you have cookies disabled because of the rate limiting, but hey.
I love how spammers do that- it works out great for me. I no longer live in my phones area code. I block the entire area code, which catches a huge amount of spam calls.
this is a required hack, for any founder
SO much value in being able to root out garbage sales calls
You don't even need to be a founder, just a person in a position that people may believe is responsible for buying products and signing checks at a company.
With marginal cost of spam being $0, I am pretty sure homeless people and Bill Gates get exactly the same amount of spam. I’d be surprised if there was any target selection.
It really is. I don't have my phone number on there, obviously, but when I went from being a random code monkey to having a 'Director' title at a very large institution, my sales spam went from 0 to probably 50 pieces a day.
Also need to do something about the inherent insecurity of most phones. GrapheneOS being a pretty decent solution nowadays to control those errant radio signals won't help against profiling for your next oil change/maintenance with those TPMS sensors beaconing everywhere you go.
Same. The only downside is local contractors will also screen you, but most call me back when I leave a message insisting I'm local and give my address.
If for some reason your browsing environment isn't/can't be configured to circumvent login shenanigans, at least for now, xitter can be read by inserting cancel right behind the X-part of the URL. Like so:
https://xcancel.com/ErrataRob/status/1970586083374112784
With the additional advantage of giving you a view more like threadreader.app, or something. Without having to install anything.
Things I learnt today: that mobile phone numbers in the USA are 'local'
Here in the UK, all landline residential numbers start with an area code that starts 02 for London and 01 for the rest of the country (eg 020 for London and 0114 for Sheffield).
Mobile numbers here all start 07, and the first 5 digits are carrier specific - but so many people port their numbers that it becomes meaningless pretty quickly. But years ago you could spot a number and know what provider the caller was on.
---
Are residential and mobile numbers similar in the States?
> all landline residential numbers start with an area code that starts 02 for London and 01 for the rest of the country
02 dialling codes are used in more than just London; Northern Ireland and Coventry phone numbers start with 02 for example.
Go back far enough and London was 01 and the rest 02-09. London, Birmingham, Manchester and a few others were 7 digits (041 xxx xxxx for Glasgow)
Then London changed to 081/071, then all changed to 01xxx (eg 0564 to 01564, 081 to 0181), then finally London, Southampton, Belfast and a few others mixed to 02x and 8 digits.
03 became national geographic numbers and things like 0345 and 0500 were phased out, 0800 remained free but not always with mobiles, 0845 was “local” but was basically premium, 0870 was even more, 0898 was super premium etc
But as phones took off in the 00s everyone just had 07 with 9 digits. Not sure when that will fill up, but it feels like a billion numbers is enough for now.
I stand corrected, I didn't know that - but it is a while since I've paid attention to phone numbers like I used to.
Yes. There's no obvious way to differentiate between a mobile and a non-mobile number in the USA. Numbers are "somewhat local" in that the first three digits usually correspond to a strict geographical area. However that's not a guarantee since if someone moves to another area/state these days the mobile providers will let them keep their number.
Also traditionally American cellphone users pay to receive calls, which will blow the mind of a Britisher.
And text messages.
It was very shocking to me how many minutes cell phone plans had in the US when I moved there (it was ... a while ago) compared to France.
But also: in the US, calling someone on their cell cost the same as calling someone on a land line. In France, calling someone on their cell from a land line was something like 4x more per minute.
Really, the structure of phone costs (both land and cell) in the US was quite different.
In the 90s local calls and thus Internet was free in America, where in the U.K. it cost up to £5 an hour (in today’s money) to be online.
Yep. France was similar to the UK. I spent years online between 10pm and 6am to use our dialup at the off-hours cost (which wasn't free, but significantly cheaper).
Not the good old days of spending money to browse the internet at 28.8kbps.
> Also traditionally American cellphone users pay to receive calls, which will blow the mind of a Britisher.
IIRC, we had to pay for any kind of use on a cell phone (both to make and receive calls), which probably stemmed from them being considered premium devices when they were introduced, with a lot of expensive fixed infrastructure you'd use no matter the direction of the call.
Denmark went 2 steps further: we no longer have area codes and all phone numbers can be mobile or landline.
In old days the numbers were distinct but these days the overview just says "mostly mobile" or "mostly landline": https://digst.dk/media/x3tmvqsl/nummerplan_2020_farver.pdf
Cell phones evolved differently.
The UK (and Australia) set up a separate prefix for mobile calls. They were more expensive to call. You also knew if you could text someone because it was a mobile number.
The US had analog cell phones for longer and they were introduced to be in the same area code so counted as a "local" call (vs "long distance") for anyone calling that number. The receiver also paid to receive that call, originally.
I honestly don't know how landlines are charged now. It's been probably 20 years since I've had one. Some cheaper cell phone plans might have limited minutes but it's way more common to have unlimited talk and text to any US domestic number (landline or cell).
Oh we had 1800 that were "toll free" meaning they didn't incur long distance charges, originally but this doesn't really apply now. Also, they ran out of 1800 numbers so pretty much anything 18xx is a toll free number.
Note the 1 in front too. That's also a US thing. It technically indicates you're making a "long distance" call. More specifically, you're specifying an area code. Modern smartphones don't generally require you to type in the 1. Old phones did.
So if you were on a 718 number and call someone else on a 718 number, you could just use the 7 digits of their number. This isn't something people really do anymore. But if you had to call a 646 number you'd put in 1-646-123-4567 back in the day.
By the way, the cell phone numbers being in a given area code explains this joke [1].
Oh the UK/Australia system had its issues too, like it mattered if you were calling from Vodafone to another Vodafone user or if it was an Orange or BT customer because you were charged differently and it could count against different free minutes pools. And you really had no way of knowing.
I don't believe the US had that kind of issue or, they did, it was so long ago that nobody remembers.
> I don't believe the US had that kind of issue or, they did, it was so long ago that nobody remembers.
There is still a similar issue of not knowing whether an area code is for another country in the North American Numbering Plan. It’s fairly common for me to see an unfamiliar number and be unsure whether it’s from the US or Canada, for instance, without additional context.
Thank you for this - these are the kind of facts that really scratch a mental itch for me.
> since people will assume a local number is less likely to be spam.
Local number has become a spam signifier for me
The funny thing for me is that I still have the phone number I had when I was growing up, which is for a state halfway across the US. Most of my spam calls are in the area code of my phone number, making them pretty easy to recognize since I don't really know anyone from that area code anymore
"Can't read it since I don't have a login there..."
Twitter is inconsistent for me. From the mobile (FF, not authenticated) it's blocked but from desktop (FF, not authenticated) is visible.
With Google referrer, it loads even more often, even on mobile I believe. Same for LinkedIn. It will not authwall you if you're coming from Google.
Thanks! I was assuming it was a chain with more details than i saw there.
"residential" proxies, ad clickbots, instagram/twitter bots - lots of "legit" use-cases these days
Ad clickbots are a win-win though? Make ad less profitable.
I believe that's rob from blog.erratasec.com.
The site may be being hugged to death currently i can see posts on ddg but it can't be reached.
An interesting choosing of words - "It's just normal criminal enterprise for sending SMS spam and anonymous messages." It doesn't look anyway "normal" as for me. I feel that this guy just says me "move along, nothing to see here" and resembles some South Park absurdity tbh. As for me it looks quite advanced (though I'm not an expert here) for just sending spam messages.
You admit to not knowing what tech these criminals have, and then on the basis of that you conclude "it doesn't look normal to me"..
It's like landing in Saudi Arabia and saying, "All the women here wear head covering, that doesn't look normal to me"...
Meanwhile on the flipside the authorities hype it up to be some state-sponsored threat, as if to say "Look citizen, your very competent government is keeping you safe! Trust us!"
Well.. my judgment was based on the facts from the article, which are mostly about the amount and sophistication of equipment. I also read more facts from this link posted there as a reference https://apnews.com/article/unga-threat-telecom-service-sim-9... - they mention 300 SIM servers and 100K SIM cards which is quite impressive as for me. Also, for some reasons all of this is clustered around the UN facilities (in 35 miles radius). Even if all of this is related to spam only activities this is quite a large investment as for me and that's why I'm not really convinced this is just some "normal" thing to see.
I think $1 million in basically abandoned, anonymized equipment is clearly not normal.
Yeah thanks, that makes more sense. The devices probably are in New York because of the high antenna density which makes it easier to actually not jam the cell towers.
The secret service spun it as a terror threat in the same way your orthopedist tells you your teeth problem comes from bad posture.
I mean, the thing might be used to jam the networks (one would have to check that the devices still work when using all the antennas simultaneously), but that really sounds like an awful lot of effort for a disruption that’s neither guaranteed nor that disruptive. I mean, this would create some chaos for sure, but law enforcement and emergency services use radio to communicate. 99% of businesses use wired phones. So this would mostly affect what? deliveries?
A large scale spam operation is way more plausible.
That the secret service is directly under Trump may also explain why they spun it as potential terrorism stuff. it’s part of their effort to make people believe that America is under terror threat, so that they can legitimize power grabbing…
> This story is nonsense.
> It's just normal criminal enterprise for sending SMS spam and anonymous messages. Somebody used this service to send SMS threats to some politicians, so the Secret Service traced it back here. They are describing it as some special political threat ("35 mile radius from the UN") when it's just perfectly normal criminal enterprise.
> We know it's a crap story because of the way the New York Times story on this cites anonymous sources in the administration, and then James A. Lewis to confirm it. This guy, formerly of the CSIS think tank, is the the NYTimes regularly trots out to confirm cybersecurity claims by anonymous government officials.
> It's just normal crime folks, there's absolutely none of the threats here that they claim.
Why did you put quote marks around the word “legitimate”, like he said the word in his post?
>Why did you put quote marks around the word “legitimate”, like he said the word in his post?
They do say that in the associated blog post, though they don't seem to think it's likely to be legitimate. https://cybersect.substack.com/p/that-secret-service-sim-far...
It does note via screenshot at bottom that these devices are often seen in Russia. Not sure what that means
I used to have a machine that looked like this (a bit smaller tho).
My machine was for...spamming text sms. We would put it on our vehicle and drive around the city to spam sms message.
We stop doing that now since it's not really effective anymore.
But our machine having same form factor does not mean they have same functionality.
> We would put it on our vehicle and drive around the city to spam sms message.
Why would you drive around? You can just put it in one place and spam. It doesn't change the network connectivity or the numbers or anything to drive, except perhaps running from law enforcement?
To avoid showing up on 2G/3G networks as a static congestion factor. SMS in 2G can easily block calls if done intensively enough, since it’s part of the actual call signaling. We could tell when high-school classes ended by the sudden increase in SMS and decrease in call volumes in certain cells.
I don't recall the exact reason, it's been quite a long time since then, but it has something to do with fake number detection and the amount of phone numbers we can reach.
You were probably driving around with a "SMS Blaster" that didn't use sim cards, no?
How did that work economically? Who paid for you to do that and how was it worth it for them to do so?
Apparently, it worked for them. We don't care about message (as long as it's not too "uncomfortable"). Anyone can use our service. They decide how long to broadcast, we take care the rest.
Mind you, we are not in US.