As indicated by yet another research cyber hackers have now shifted their attention towards taping the phone network by means of the misuse of the SS7 protocol in order to steal money from the bank accounts directly by intercepting the messages.
Since the protocol is utilized by Internet service providers and telecom company to control the telephone calls and instant text messages across the world, the SS7 attacks performed by the said cyber criminals uses a current ‘structure blemish’ i.e. a flaw in it and exploits it accordingly so as to perform different perilous attacks, that are very much similar to the acts of data theft, eavesdropping, text interception and location tracking.
UK’s Metro Bank has already fallen victim to this attack. In view of the affirmation given by the National Cyber Security Center (NCSC), the ‘defensive’ arm of the UK’s signals intelligence agency GCHQ, SS7 attacks are consistently utilized by cybercriminals to intercept the messages in order to steal the code that is additionally utilized for bank transactions.
NCSC said that “We are aware of a known telecommunications vulnerability being exploited to target bank accounts by intercepting SMS text messages used as 2-Factor Authentication (2FA).”
Due to this two factor authentication, by having a SS7 network access the cybercriminals can intercept the messages even after they gain access to the internet banking login credentials by the means of phishing attacks and then initiate the verification code through text message. Later they can without much of a stretch block it through SS7 attack and use it to finish their transaction procedure.
“Something that members of the general public don’t necessarily have to worry about. An SS7 attack is unlikely to be effective if the bank uses a form of 2FA that doesn’t rely on text messages, such as an authenticator app.”
When approached some of the notable Telecom Service Providers to get to know their thoughts regarding this matter of concern, Vodafone says “We have specific security measures in place to protect our customers against SS7 vulnerabilities that have been deployed over the last few years, and we have no evidence to suggest that Vodafone customers have been affected.”
Likewise they express that, they are working with GSMA, banks and security specialists so as to alleviate and further protect their clients.
To read the original article: