Translated by

MTS provided all stations of the Moscow subway with 4G network

Customers: Moscow Metro

Moscow; Transport

Mobile TeleSystems (MTS)
Moscow; Telecommunication and communication

Product: MT FREE

Project date: 2014/03  - 2020/09

2019: Providing 226 stations of Moscow Metro with mobile communication

On February 11, 2019 the MTS company reported that it provided a complete covering of Moscow Metro with mobile communication.

According to the company, at all 226 stations of Moscow Metro the MTS network is available in the following standards: 2G, 3G and 4G. Subscribers of MTS can also make voice calls and use the mobile Internet during the movement in the car in subway tunnels through networks of the "second" and "third" generation, and on a number of sections of the Kalinin and Solntsevo and Sokolnichesky branches and in standard 4G.

Muscovites spend underground on average about 40 minutes a day and are not ready for this time to refuse voice services and access to usual applications, messengers, e-mail and online games. The joint project with Moscow Metro on equipment of all metro stations the modern standard of communication will allow our subscribers to use comfortably any digital services, including sensitive to the speed of the mobile Internet.

Igor Egorov, the director of MTS in the Moscow region

Maximum speed of the mobile Internet for February, 2019 at stations can reach 250 megabits per second. Average speeds at a normal passenger traffic will allow expecting arrival of the train fully to use any Internet services: from simple communication in messengers before watching online video in high quality.

Until the end of 2019 MTS is going to provide with standard 4G all tunnels of the subway. For February, 2019 daily in the subway more than two million subscribers use MTS network. In a month passengers of the subway use on average the 360th terabyte of the mobile Internet.


Plan of upgrade of Wi-Fi-network for 1 billion rubles

On September 10, 2018 it became known that the telecom operator Maxima Telecom which is engaged in development of Wi-fi in public transport decided to upgrade network of a wireless internet in Moscow Metro in connection with growth of traffic.

Upgrade will take one and a half-two years. The operator is going to install the radio equipment providing speed to 500 Mbit per second (earlier peak speed was 100-110 Mbps) and also will update train antennas and the software of base stations.

The total amount of investments into upgrade can be about 1 billion rubles though the exact amount the company will define later[1].

Large leak: The Wi-fi operator in the subway of Moscow spreads data on users in the general access

On April 9, 2018 The Village[2] told about vulnerability in free Wi-Fi "MT FREE" of the Moscow transport. It was detected by the programmer Vladimir Serov. "Hole", presumably, was available about a year. It allowed to download "a digital portrait" of any passenger connected to network in the car — his phone number, analytics of Maxima Telecom operator about age and employment of the person, his marital status, stations where he lives and works, and then even to monitor movement of the person on the subway in real time. "Serov's method" was technically simple: in not encrypted form any who substituted the public address of the device — the MAC address — for the address of any other smartphone in the car could open the pages of authorization given in the code.

After the publication Maxima Telecom quickly removed all data of a "digital" portrait from the code of the page of authorization, and Roskomnadzor stated that it will carry out an inspection of an incident.

In what vulnerability

Any device supporting Wi-Fi has unique number which is called the MAC address. Authorization happens in network of the city Internet MT_FREE on a MAC address combination to the phone number which the passenger himself registers in a system — upon the demand of the law on counteraction to terrorism. The page of authorization opens at all automatically. The developer of network, Maxima Telecom provider, placed the advertizing block there. The company also earns from it. To make advertizing more effective, targeting is used — those declarations which approach your digital portrait of preferences better are issued to you. Usually this portrait is collected by the large analytical and marketing companies which then transfer data in encrypted form to specific advertizing platforms. However the programmer Vladimir Serov found out that the digital portrait, including the phone number on the page of authorization Wi-Fi in the subway of Moscow, is not ciphered in any way.

Serov told The Village that found vulnerability still on March 5, and addressed familiar developers from, "having convinced that the request reached responsible for wi-fi in the subway". It should be noted that directly Serov did not address Maxim, and a week later decided to publish a find on a profile resource for programmers.

On the same day I wrote about this vulnerability to children from because at Maksimytelekom there is no normal technical support. So I told their administration about how the contractor distributes to the right and on the left personal data on users — the letter lowered, but I did not receive the answer. Waited week and wrote on a post "How to receive phone (almost) any beauty in Moscow, or Interesting feature of MT_FREE". Made a small script which unloaded data in a convenient type. We with readers began to have fun

The Village found out that according to Wayback Machine service, vulnerability was in the code of the page of authorization at least since May 17, 2017. In August the company stated that identification in network daily there undergo 1.5 million users, and earlier, in December the 2016th — that all more than 12 million users are registered. The same network MT_FREE is available also in Aeroexpress trains, on the Moscow central ring and even in some suburban electric trains now, including Swallow. And since 2017 Maxim develops the same network in the St. Petersburg subway.

How to keep track of your location

On receiving "a digital portrait" Serov did not stop. Investigating an uzyavimost is more detailed, he detected the current_station indicator ("the current station") which constantly changed. Names of stations in it replaced with normal numbers. Quickly enough it was succeeded to make the card, just monitoring movement of own MAC address and to find out, for example, that "164" is Southern, and "165" — Prague — stations on one branch are numbered consistently. Having written one more simplest script, movement of other person on the subway in real time was succeeded to trace Serova — a certain girl came back home from work. During testing one of 16 accidentally caught MAC addresses gave in to shadowing. It is unknown how many data tied to phone numbers, other people could already save in a year. Having such base, potentially it is possible to trace more than 10 million phones in the subway and now.

Usually only intelligence agencies can trace a geolocation of specific phones — the technology of a triangulation of the subscriber using proximity to cellular towers requires court's decision and permanent communication with mobile operators. Vulnerability of MT_FREE does movement of the subscriber on the subway absolutely transparent.

2017: MTS first-ever built a cellular network in the subway based on Wi-Fi

The Mobile TeleSystems mobile operator (MTS) and Maxima Telecom company started at the beginning of a year the joint project on improvement of communication quality in Moscow Metro. It is about installation in cars of the subway of the femtocells of the UMTS (3G) standard connected to Maxima Telecom network[3].

Maxima Telecom since 2013 builds in the capital subway Wi-Fi-network with Wi-Fi-Internet access. In cars install Wi-Fi-routers which are connected under the proprietary protocol to wireless transport Maxima Telecom.

Communication in tunnels

At the beginning of 2016 Maxima Telecom won the tender of Moscow Metro for installation of femtocells in subway cars. The femtocell is the miniature base station which is connected to an Internet channel and provides access to a cellular network from the premises.

Last year Maxima Telecom agreed with MTS about joint project implementation on installation of femtocells. Maxima Telecom bought femtocells of the Japanese corporation NEC which by this moment are installed in cars on the majority of lines of the subway.

Thanks to femtocells the communication quality for subscribers of MTS in stages of the capital subway should improve. It is about a voice communication, Sms and data transmissions at the speeds sufficient for work of Internet messengers. At the same time, for example, for watching video of the speeds received for the account of femtocells can not be enough, and it will be better for subscriber to be connected to Maksimetelekom Wi-Fi-network.

2016: Messages about network hacking

The provider of free Wi-Fi in the Moscow subway denied information on unauthorized changes of content on the official site which could become the reason of demonstrations with threats of carrying out terrorist attacks in Moscow, and noted that it is possible only in case of creation of false network with the similar[4].

If unauthorized intervention in activity of a wireless network of MosMetro-FREE would take place, images would be shown to all users of a wireless network. We can assume that deployment by the malefactor of an independent wireless network with the duplicative identifier took place", - told in the press service

Earlier in media information that the passenger saw a flag of the terrorist group IS banned in the Russian Federation at connection to free Wi-Fi on the Kaluga and Riga line and also the message with threats of carrying out terrorist attacks in Moscow appeared.

After terrorist attacks in Paris in November, 2015 passengers of the Moscow subway saw the similar message in attempt to be connected to the Internet. Then in Maxim Telecom also said that network hacking was not.


In Moscow Metro of Wi-fi appeared in 2013, and on December 1, 2014 the MosMetro_Free network earned from all 12 lines of the subway. For its functioning in 330 kilometers of underground tunnels stretched 880 kilometers of the optical cable and set more than 900 base stations (devices which broadcast a radio signal). Nearly 5.5 thousand cars of the subway are equipped with Wi-Fi-routers (devices which accept a signal from base stations and distribute to passengers). Each of 650 trains of the capital subway is connected to the Internet at a speed up to 100 Mbps, and the general network transmission capacity makes 20 Gbps[5].

Also the business case of underground network Wi-fi is interesting: access to it free — and nevertheless makes profit. First, the operator earns from advertizing demonstrations. Secondly, at each run the information entertainment portal is automatically loaded into network. Due to placement of partner content the operator also performs monetization of service. According to the statistics, the daily audience of a resource makes more than one million users, at the same time about 50 percent from them visit per day the site twice and more often.

See Also