That Secret Service Sim Farm Story Is Bogus
Key topics
The article disputes the original story about the Secret Service busting a SIM farm capable of crashing cell networks, suggesting it was a scam operation instead. The discussion revolves around the credibility of the original story and the motivations behind it.
Snapshot generated from the HN discussion
Discussion activity: very active discussion. First comment 1h after posting; peak period 143 comments in 0-12h; average per period 22.9. Based on 160 loaded comments.
Key moments
- Story posted: Sep 24, 2025 at 4:24 AM EDT
- First comment: Sep 24, 2025 at 5:33 AM EDT (1h after posting)
- Peak activity: 143 comments in 0-12h (hottest window of the conversation)
- Latest activity: Oct 1, 2025 at 4:25 AM EDT
Cache of devices capable of crashing cell network is found in NYC - https://news.ycombinator.com/item?id=45345514 - Sept 2025 (283 comments)
I'll put that link in the top text too.
The somewhat annoying part is that it seems like it is pretty easy to spot these sorts of SIM farm setups and yet nobody in law enforcement seems to care enough to actually do it.
I'm a little surprised that a behavioral analysis didn't flag these anyway. Probably did, just the networks don't care as long as they get their cut.
Use VPNs? Surely paying for some subscriptions at $3/month is cheaper than renting an apartment in manhattan?
disclosure: I'm an investor/advisor in massive.
Pretty clear this is the case, almost all of it could be stopped overnight with a simple whitelist to people you know and a blocklist of countries and regions where you’ll never ever need to take a call from.
What about sending spam and threats over one of these SIMs? I'm pretty sure that warrants legal action.
A lot of things are not, but US for a while has been on a path that suggests that whether something is legal or not is not the standard. The standard is basically, based partially on personal vibes.
Naturally, this comes years after it was normalized in banking, red flag laws and so on, so I suppose this is not a surprise, but I am surprised that people are making the 'this is not illegal' argument.
In this setup, illegal does not matter. If it is suspicious, you are in trouble. For example, I invite you to look at DHS/FBI 'signs'[1][2] to report by private orgs:
- Producing or sharing music, videos, memes, or other media that could reflect justification for violent extremist beliefs or activities
Note the could and despair at the future we are gleefully approaching.
Anyway, I don't disagree with you on principle, but I want you to understand that the system behaves differently these days.
https://tripwire.dhs.gov/documents/us-violent-extremist-mobi... https://www.fbi.gov/file-repository/counterterrorism/us-viol...
Just tell people that this is the sort of setup that is used by (overseas) scammers to send messages to thousands of potential victims at a time to rope them into various scams.
Fighting scammers is a hugely popular thing with the general public. No need to dress it up with that U.N. nonsense to get the general public's approval. People wouldn't even have minded that the Secret Service ended up uncovering a scammer support operation whilst tracking down something else.
And that's the point. No-one would have thought bad of them for following up on stuff within their bailiwick and uncovering a scam support operation. It's the old caught-the-major-bad-guy-in-a-routine-traffic-stop tale, after all.
Yeah makes a lot of sense when framed like this, the timing of the secret service of all people busting this 'huge' operation was far too suspicious.
`site:nytimes.com “speaking on the condition of anonymity to discuss an ongoing investigation”` has no earlier results
Other outlets have used “speaking on the condition of anonymity to discuss an ongoing investigation” before though.
Overall I found the substack author to tell a good story and speak with what seems to be relevant technical experience so I reposted the link that I saw in another hn thread as a separate story, but as other commenters have pointed out it's possible that both he and the original journalist are hyping up conspiracies in both directions (compromised press vs state actor hackers) and actually the truth is often a more boring mid ground (Journalists hyping up stories and shady people doing shady things).
Are they just making up these "normal journalistic principles"? I see different newspapers publishing quotes anonymously under similar conditions all the time.
> It’s the “Washington Game” of “official leaks”, disseminating propaganda without being held accountable.
In general, you can spot this kind of propaganda by realizing that the anonymous source is actually promoting the government's position and so isn't actually in danger. I.E. they aren't a whistleblower, they have no reason to fear repercussions.
Then there are other aspects that they would be prohibited from sharing in some legal jurisdictions, that hinge on privacy law (divulging sensitive but irrelevant details regarding the suspects alibi that they learned by interviewing the suspect) or on affecting potential jury members.
Instead they use the idea that they aren't allowed to share any information to just avoid answering questions.
Yes, most newspapers are publishing anonymous quotes from government officials without scrutiny; quotes that are later found to have been completely bogus.
We live in an age of constant memetic warfare and a majority of our content distribution channels have been compromised.
It could be just a scam bot farm but a scam bot farm with the intention of targeting vulnerable UN delegates with scams not necessarily to disrupt any cell tower?
I don't mean this in a derogatory sense. I was slightly...hm...confused when reading this. When I see something in the news, to the degree that I trust the source, I see it only as a statement of fact, and unless I trust the commentator, I ignore the comment. I only expect descriptive accuracy from the news. This sometimes requires resources that individuals don't generally have.
When I read a personal blog article articulating a personal opinion, presenting evidence and trying to make a case for their conclusion, I usually apply a different standard. From them, I expect sound reasoning, which often requires a form of independence/neutrality that news organizations don't have.
And I can't say that this article is structured as a sequence of QEDs, so to speak. It doesn't seem like the conclusions follow from the premisses. That's not to say it's wrong, just that if it is right, it would be in part by accident.
No, they put this in lower manhattan because of the cell density there. It makes the fraud harder to detect in all the noise of normal usage.
Cell networks are not my area of expertise, but cybersecurity is, so I am genuinely interested to learn more.
And how is it even supposed to work? How are you going to handle billing? Does a cell phone tower even know the phone number of the connected devices? What's going to happen when the recipient disconnects mid-SMS? What happens when the same number is in use by multiple SIM cards?
It would have been so much easier to be closer to the UNGA and then it would be more effective if that was the intent.
If one is setting up to target the U.N. one does not need this sort of setup to do so. Grand Central Station and the Chrysler Building are just as (in)valid a guess at some purported central target, which one does not have to enclose. The 35 mile radius is ludicrous, and very probably a "telephone game" garbling by PR people of the rough range of SMS to a 2G cell tower given certain conditions. And targeting just a few delegates for scams, with kit that costs thousands of quid per gateway box, is stupidity. The scams thrive on large volumes because they don't net 100% of the marks.
This is a way of having VOIP on one side and what will appear to callees like (doing some simple arithmetic based upon the various photographs) a few hundred (in the site where they're on the floor) to several thousand (in the site where they're on garage shelving along the wall) seemingly legitimate cell phones in multiple locations on the other side. The far more sensible hypotheses are an (overseas) scam support operation, or a dodgy telco operator of some kind.
[0] https://oxylabs.io/products/mobile-proxies
Is it time to stop treating somebody's IP address as an authentication factor yet?
Also funny was that it was considered espionage at first ... but they found lots of drugs on site -- clearly not espionage.
Edit:ascii emoji fail
I cannot conceive of a reason why that would occur
https://xkcd.com/1138/
The real question here is who and what it was intended to warn off, and you'll never get a real answer to that.
I ask god to make the people I bullshit all agree with you about this. Please don't pay attention to the details; in fact, they were probably placed there by our enemies to distract us from the story (that I told you.) In fact, you're a genius, and this goes deeper than even I thought. I'm going to need access to your bank account.
To be honest, with the contents of the post, probably neither. It's fine if you want to point at different sources and go "ooooh WEF" and make scare quotes with your hands, but that's not actually evidence it's just a description of your existing bias.
Frankly, the overstating of the threat in the original article is frankly about as bad as the overstating of the article being bogus. The feds shut down some sim farm. Is it a massive national security threat? Probably no, that's a bit of an overstatement. The NYTimes ran a clickbaity article, is it bogus? Probably no, that's a bit of an overstatement.
I don't understand why people like this get so wound up by the way places like the NYTimes write up articles. This is the way journalism is written, you don't write articles that say "X happened, but it's probably fine!". You write "X happened, and it could have Y impact!". People are smart enough to read the article and understand, we don't need you making baseless accusations about their sourcing.
I believe we're making very similar points in essence - see my other reply. Personally, I'd say that foreign security services having some involvement in this is slightly more plausible. If nothing else, just because some are basically nation-wide gang states, which very well could be doing this just for monetary reasons. Seems a bit more likely, not much, than a fed agency trying to do something (unclear what the author claim is about the point of the lie - "hype it up", I guess), concluding that lying about what they know in a case is a good way to do it, and choosing this case and this particular lie.
When I read a personal blog article articulating a personal opinion, presenting evidence and trying to make a case for their conclusion, I usually apply a different standard. From them, I expect sound reasoning, which often requires a form of independence/neutrality that news organizations don't have.
And let's just say this article is not exactly structured as a sequence of QEDs, so to speak. It doesn't seem like the conclusions follow from the premisses. That's not to say it's wrong, just that if it is right, it would be in part by accident.
When Bobby tries to convince his friend Jimmy that Charlie is lying, you shouldn't trust him if he says that "I know that Charlie is lying because apples are green".
> One of the reasons we know this story is bogus is because of the New York Times story which cites anonymous officials, “speaking on the condition of anonymity to discuss an ongoing investigation”. That’s not a thing, that’s not a valid reason to grant anonymity under normal journalistic principles.
I'm not even sure the apple is green! If you search `site:nytimes.com “anonymity to discuss an ongoing investigation"` you'll see that this news outlet has done this multiple times in the past.
I suppose "valid" and "normal" are giving the author a bunch of wiggle room here, but he never backs this claim up.
If, for whatever reason, the agency feels like it's not risking its own case and wants to blow its trumpet... it really doesn't matter what the names of the spokespeople for the agency are. They don't need to speak anonymously, as they won't get in trouble with anyone at the agency for saying what the agency told them to say to the press. The NYT could just say "officials said" and not name them.
It is not like there is a whistleblower inside the Secret Service with scuttlebutt to dish, and the NYT need to protect the identity of Deep Throat 2.0... and all they had to say was the spam operation itself didn't pose any threat to the UN conference.
I think what the blog author's arguing is that this phrase is unnecessary detail that just adds intrigue to sell a rather mundane story.
Breaching of this, especially as you're making a case, in most cases at best would invalidate the whole case + bring disciplinary actions upon the individual(s) that committed the breach.
Judging by the other comments, looks similar for the US too.
If you've ever participated as an expert in any investigation or news article you'd know you'd usually get a biased hypothesis; otherwise it meant you wouldn't have the same impact for the news story. Or if you've ever heard of the Gell-Mann amnesia effect.
Be kind. Don't be snarky. Converse curiously; don't cross-examine. Edit out swipes.
Please don't fulminate. Please don't sneer...
Please don't post shallow dismissals...
https://news.ycombinator.com/newsguidelines.html
I legitimately read the comment twice and couldn't parse it when I wrote this. I wasn't trying to be rude, I genuinely didn't understand. But pretty sure you don't care. But sure, point taken.
> You know, the one that stated literal facts and nothing else
I don't know what comment you're referring to, but it's common for people to claim that they were "just stating facts", whilst sidestepping the fact that the choice of "facts", the context in which they are invoked and the words used to state them can very easily be inflammatory.
> I wasn't trying to be rude, I genuinely didn't understand
It's common for people to underestimate how harshly their words come across by the time they hit the page for others to read. We've had to warn you before, and you're still frequently making comments that are breaking the guidelines and being flagged by many fellow community members. You need to try harder to keep within the guidelines if you want to participate here. This is only a place where people want to participate because others make the effort to keep the standards up. We need to see you making an effort to be one of the ones to raise the standards, rather than repeatedly dragging them down.
> But pretty sure you don't care
My job is to uphold the guidelines and do what I can to keep this place from burning to the ground. That's all I care about when I'm posting comments like these.
> But sure, point taken
I hope so!
I think scatterbrained, vibes based almost-theories that vaguely imitate real arguments but don't actually have the logical structure, are unfortunately common and important to be able to recognize. This article gets a lot of its rhetorical momentum from simply declaring it's fake and putting "experts" in scare quotes over and over. It claims the article is "bogus" while agreeing that the sim cards are real, were really found, really can crash cell towers, and can hide identities. It also corrects things that no one said (neither the tweet nor the NYT article they link to refer to the cache of sim cards as "phones" yet the substack corrects this phrasing).
The strongest argument it makes is about the difference between espionage and cell tower crashing and the achievability of this by non state actors (it would cost "only" $1MM for anyone to do this), but a difference in interpretation is a far cry from the article actually being bogus. And the vagueposting about how quoting "high level experts" proves that the story is fake is so ridiculous I don't even know what to say. Sure, the NYT have preferred sources who probably push preferred narratives, but if you think that's proof of anything you don't know the difference between vibes and arguments.
So I completely understand GP's point and wish more comments were reacting in the same way.
Let's pick through the official statement.
"In addition to carrying out anonymous telephonic threats, these devices could be used to conduct a wide range of telecommunications attacks. This includes disabling cell phone towers, enabling denial of services attacks and facilitating anonymous, encrypted communication between potential threat actors and criminal enterprises."
This is a mix of bullshit and mundane. Disabling cell towers? I don't buy it. DoS attacks? Yeah, any collection of internet-connected devices can do that. Anonymous, encrypted communication? Everybody's smartphone qualifies for that. You could be talking about arresting a pickpocketer and be technically correct in saying that you seized a device that could be used to facilitate anonymous, encrypted communication between potential threat actors and criminal enterprises.
"While forensic examination of these devices is ongoing, early analysis indicates cellular communications between nation-state threat actors and individuals that are known to federal law enforcement."
So some foreign government was using these services. You could say the same about AWS.
"The potential for disruption to our country’s telecommunications posed by this network of devices cannot be overstated"
A nice example of the genre of self-disproving statements.
"These devices were concentrated within 35 miles of the global meeting of the United Nations General Assembly now underway in New York City."
It bears repeating that "within 35 miles" of the UN includes the entire New York metro area and a large area beyond. In addition to that, the very concept of electronic equipment being "concentrated within" four thousand square miles doesn't make the least bit of sense.
You get specific numbers (two arrests and eight search warrants), more specific locations (names of big cities aren't very specific, but they're more specific than a circle 70 miles wide), a specific country running the agents (China), and a specific goal (recruit spies in the US military).
The vague statement about the SIM farms is pretty clearly an attempt to puff up an operation that didn't accomplish much.
The cherry on top is that at the end of the article, they sort of let it slip that this isn't something that they expect would be unusual:
> “This is an ongoing investigation, but there’s absolutely no reason to believe we won’t find more of these devices in other cities,” Mr. McCool said.
The two "experts" clearly have no idea what they're talking about, and the agent quoted is implying heavily that this is some form of criminal, organised ring.
In reality, SIM farms are against the ToS for phone providers and can definitely be used for illegal activity such as telecommunications disruptions, but a butter knife can also be used for illegal activity.
I've run data centres and seen them set up in many places, operators I've seen are there for a profit and operating in a technically legal area but playing cat and mouse with the telcos. There is nothing implicitly illegal about them.
Sure, the press may put a "threat to the nation" spin on things that might be a bit sensational. But the "you're making something out of nothing" claims seem to do the opposite. Criminals with the ability to cause widespread chaos seem worrying even if their main motivation is maintaining their income stream.
SIM farms are normal, common things that exist all over the place to allow messages from far-away senders to be sent as if they came from a local number.
That’s all the author is asking us to believe.
Meanwhile, many US companies won't let me, the actual legitimate user they're trying to authenticate, use Google Voice, because it's "so dangerous and spoofable, unlike real SIM cards".
Hopefully this helps a little bit in driving that point home.
It's always funny to see comments like this; because there's always at least 50/50 chance that the article is from someone that is actually prolific, just that the person has a blind-spot for whatever reason.
That is, also, the case here.
But I think it’s wrong to call it a “blind spot”. This is not my industry, I don’t know the names, and I’m not qualified to judge whether the author deserves my implicit trust. So I treat this substack with the same skepticism I would any other substack.
It also makes the point that its purpose wasn’t to disrupt cell service, although these things can and will disrupt cell services.
So from my perspective, the article is strange in the sense that the author seems pretty intent on splitting enough hairs to prove the secret service wrong. For me, I don’t care if they are wrong about its purpose— If this helps decrease spam messages, great. If it means that cell services are now more reliable in that area, great. If it’s something that could be hijacked and used for terroristic purposes and has now been neutralized, great.
How did this not throw flags with the carriers.
"Freddy No-Lips is burning down Suzy's Bakery because she didn't pay protection money" is not the Reichstag fire and should not be weaponized like it was.
https://www.made-in-china.com/showroom/faf448fd0d906a15/prod...
Really? I see a difference between 24h infotainment news and News.
The News I listen to (AM radio) is compacted into fact, point, counterpoint. And that’s it. When it repeats, no more news. I’m old enough to remember this basic News playbook, and it’s not changed on those stations I listen to.
But a meta point: Most commercial news rooms have become propaganda arms for The Party that churn out low effort AP ticker derivatives, social media gossip, and literal government propaganda from The Party whispered in their ear by an “anonymous source.” The “news rooms” appear devoid of any real journalistic integrity.
I think we are going to see an increasing trend of “true journalists” leaving the legacy news industry to places where they can build direct relationships with their audience, can own their own content distribution channels, and directly monetize those channels. I.E. Substack, YouTube, X, et al.
Those independent channels seem far more amenable to "opinion-havers" than "true journalists" (though perhaps the "true journalists" transform into opinion-havers or secondhand-analysts when they change distribution platforms).
> ...churn out low effort AP ticker derivatives, social media gossip, and literal government propaganda from The Party whispered in their ear by an “anonymous source.”
That stuff is cheap. How do you expect someone moving to a place of fewer resources and less security to make a more expensive product?
> The “news rooms” appear devoid of any real journalistic integrity.
I think you're seeing the result of budget cuts.
Investigative journalism is really not that expensive. A lot of it boils down to needing a phone and money for gas. Rather than costs, the much bigger obstacle to good journalism is censorship, much of it coming from company leadership, which doesn't want a bad relationship with advertisers or the government.
Come on. Investigative journalism takes a lot of time, and in the mean time, the journalist has bills to pay.
An opinion-haver or second-hand news analyst can build a Substack following by picking a theme and pumping out a blog post every couple days, but that's not practical for someone who might only be able to put out a story every couple months on varying topics (based on whatever scoops they get).
Your scenario is the same for a news company. Investigative journalism takes time. And, in the meantime, you have HR departments, corporate rent, etc., you’re trying to build a media empire and your ROI is being compared against just investing in the S&P 500.
And I don’t think the economics of corporate news make sense. I suspect people buy these news rooms because their ROI comes from manufacturing consent (power and influence) - not monetizing investigative journalism.
> Your scenario is the same for a news company. Investigative journalism takes time. And, in the meantime, you have HR departments, corporate rent, etc., you’re trying to build a media empire and your ROI is being compared against just investing in the S&P 500.
No. In the mean time, you have opinion-havers and other investigative journalists writing articles, maintaining a steady audience. An "individual [investigative journalist] who is personally invested in their work" wouldn't have the steady output to maintain one.
> And I don’t think the economics of corporate news make sense.
The economics of solo news make even less sense.
I think you're pushing a fantasy. I don't think "going independent" is really viable for a person unless they 1) have pre-existing fame, 2) independent wealth (or a patron), or 3) cut corners with the project in some way.
Additionally, calling Venezuelan and Mexican cartels like CJNG small or remnant is extremely inaccurate, to be charitable. They are among the largest, best equipped, and most dangerous organized criminals in the world. You don't have to be pro-Trump to acknowledge this fact.
After everything the gov't has tried to hype in the last decade (I'm including some things under Biden's term too), and esp. the efforts made in Trump's second term, sure seems like it checks out to me.
So maybe you could name one of the conclusions and its premises, and describe how they don't follow. Cause I certainly don't follow what you're on about.
No. This is not how any of this works
Just use SIP?
The boxes all basically turn the cell lines into SIP trunks, then they’re used for grey routes for international VoIP providers to dodge termination fees into the target country and get cheaper per-minute rates, because the game of pennies really adds up in telecoms traffic.
With the number of radios seen in the photos from the original story, there must have been a great deal of SMS from that structure. That is very easy to spot with low cost equipment: a TinySA[1] and a directional antenna should be sufficient. Hams do "fox hunting" with similarly basic equipment.
Given the resources of cell operators, the most charitable explanation for how something like this can exist for more than a brief interval is total indifference.
[1] The more recent versions ($150+) are pretty powerful and can see all 4G/5G bands.
And why should they care?
A paying customer is a paying customer, never mind the health and integrity of the public phone network (which coincidentally also serves as the primary identification and authentication method for ~everybody in the US).
As far as I understand it, it's more of the lack of a design (for authentication) that got us into all that trouble, similar to BGP, Email, and many other protocols that were originally designed with trusted counterparties in mind.
It just so happened that the illusion of mutual trust broke down earlier in the Internet than it did in the international phone network. (Some even still believe in it to this day!)
We get it, you have some political bent and don't like those in charge, but given the professionalism of the setup you don't know how quickly it was set up. If the place was rented last month that _is_ a $1M investment all up front. If it's over time it's still a professional setup all the same by people looking to abuse the system in some way or other for profit. I.e. unknown threat actor until proven otherwise.
Honestly picking at a public body bigging up the work they do for the public isn't worth a rant. If this was close enough to the UN buildings and embassies to cause a problem then yes. That becomes an international issue. Do you honestly think if this was just a scam farm they wouldn't take money from someone else to burn the thing and turn the city into a circus?
Besides if this was an agency with tech skill but limited funding, like a certain northern province in Asia, they'd bankroll it by scamming to start anyway wouldn't they.