SS7 Attack is a true nightmare, are you safe?

  • 482
  •  
  •  
  •  
  •  
  •  
  •  
    482
    Shares

Security specialists have been warning for years about security issues in the Signaling System 7 (SS7) protocol. SS7 is a set of telephony signaling protocols developed in 1975, which is used to set up and tear down most of the world’s public switched telephone network (PSTN) telephone calls.

According to a German Newspaper “Süddeutsche Zeitung“, the O2-Telefonica in Germany has verified that hackers stole funds from some of its clients’ bank accounts. The bank said that the hackers succeeded to redirect incoming SMS messages to themselves that were intended to be received by clients’ mobile numbers.

The hackers exploited the two-factor authentication method of transaction authentication numbers used by German banks. The bank’s customers need to get a code sent to their phone number before money are transferred between accounts.

The hackers first spammed the victims’ computers with a malware, which designed to collect the banks account information such as balance, login details, and passwords for their accounts, along with their mobile number. Then they exploited Signaling System 7 and set up a redirect for the victim’s mobile phone number to a handset controlled by the attackers. Then the attackers logged into the victim’s online bank accounts in the middle of the night and transferred money out.

This confirmed attack making it clear that real-world SS7 attacks exist and putting users all over the world in danger.

What can I do to protect myself?

For text messages, avoiding SMS and instead using encrypted messaging services such as Apple’s iMessage, Facebook’s WhatsApp or the many others available will allow you to send and receive instant messages without having to go through the SMS network, protecting them from surveillance.

The following two tabs change content below.
Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]
Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Do NOT follow this link or you will be banned from the site!